5V0-41.21 Exam Questions

Which of the following describes the main concept of Zero-Trust Networks for network connected devices?

Which vCenter component is used by the NSX Manager to deploy the Partner Service VM on every host of a cluster configured for guest introspection?

To which object can time based rules be applied?

An organization wants to add security controls for contractor virtual desktops. Which statement Is true when configuring an NSX Identity firewall rule?

Refer to the exhibit. An administrator needs to configure a security policy with a firewall rule allowing a group of applications to retrieve the correct time from an NTP server. W...

Which two statements are true about IDS/IPS signatures? (Choose two.)

What is the NSX feature that allows a user to block ICMP between 192.168.1.100 and 192.168.1.101?

Which three criteria help to determine the severity for a Distributed IDS/IPS? (Choose three.)

Which is the port number used by transport nodes to export firewall statistics to NSX Manager?

Where is a partner security virtual machine (Partner SVM) deployed to process the redirected North-South traffic in an efficient manner?

To which network operations does a user with the Security Engineer role have full access permission?

Which two Guest OS drivers are required for the Identity Firewall to operate? (Choose two.)

An administrator has enabled the "logging" option on a specific firewall rule. The administrator does not see messages on the Logging Server related to this firewall rule. What cou...

How does N5X Distributed IDS/IPS keep up to date with signatures?

Which two statements are true about NSX Intelligence? (Choose two.)

An administrator wants to use Distributed Intrusion Detection. How is this implemented in an NSX-T Data Center?

Information Security Management (ISM) describes a set of controls that organizations employ to protect which properties?

An NSX administrator is trying to find the dvfilter name of the sa-web-01 virtual machine to capture the sa-web-01 VM traffic. What could be a reason the sa-web-01 VM dvfilter name...

What is an unprotected traffic flow in NSX Intelligence?

Refer to the exhibit. A security administrator is configuring a time window to create a time-based distributed firewall rule. While configuring the time window, an error displayed...

When using URL Analysis In NSX-T, which two services must be set in the URL rule to capture traffic over TCP and UDP? (Choose two.)

Which 3 CU commands ant required to configure remote logging on an ESXI host? (Choose three.)

An administrator needs to configure their NSX-T logging to audit changes on firewall security policy. The administrator Is using the following command from NSX-T3.1 documentation :...

A customer has deployed NSX Intelligence appliance with an incorrect IP address. What should the customer do to correct the IP address?

A security administrator recently enabled Guest Introspection on NSX-T Data Center. Which would be a reason none of the Microsoft Windows based VMs are reporting any information?

What is the default action of the Default Layer 3 distributed firewall rule?

What is one of the main use-cases of NSX-T Endpoint Protection?

A security administrator is required to protect East-West virtual machine traffic with the NSX Distributed Firewall. What must be completed with the virtual machine's vNIC before a...

Which two criteria would an administrator use to filter firewall connection logs on NSX?

A security administrator is verifying why users are blocked from sports sites but are able to access gambling websites from the corporate network. What needs to be updated In nsx-T...

Refer to the exhibit. An administrator is reviewing NSX Intelligence information as shown in the exhibit. What does the red dashed line for the UDP:137 flow represent?

When configuring members of a Security Group, which membership criteria art permitted?

At which OSI Layer do Next Generation Firewalls capable of analyzing application traffic operate?

Which three are required to configure a firewall rule on a getaway to allow traffic from the internal to web servers? (Choose three.)

A customer has a requirement to achieve Zero-Trust Security and minimize operational overhead. Which VMware solution can be used by the customer to achieve the requirement?

An NSX administrator has been tasked with deploying a NSX Edge Virtual machine through an ISO image. Which virtual network interface card (vNIC) type must be selected while creatin...

Which esxcli command lists the firewall configuration on ESXi hosts?

Which three are required by URL Analysis? (Choose three.)

Which two are requirements for URL Analysis? (Choose two.)

Refer to the exhibit, what is the VMware recommended number of NSX Manager Nodes to additionally deploy to form an NSX-T Manager Cluster?

In a brownfield environment with NSX-T Data Center deployed and configured, a customer is interested in Endpoint Protection integrations. What recommendation should be provided to...

Which two are true of the NSX Gateway Firewall? (Choose two.)

At which two intervals are NSX-T IDS/IPS updates through VMware's cloud based internet service provided for threat signature files? (Choose two.)

Which two are the insertion points for North-South service insertion? (Choose two.)

Which are two use-cases for the NSX Distributed Firewall' (Choose two.)

An administrator wants to configure NSX-T Security Groups inside a distributed firewall rule. Which menu item would the administrator select to configure the Security Groups?

Reference the CLI output. What is the source IP address in the distributed firewall rule to accept HTTP traffic?

What component in a transport node receives the firewall configuration from the central control plane?

An NSX administrator has turned on logging for the distributed firewall rule. On an ESXi host, where will the logs be stored?

A Security Administrator needs to update their NSX Distributed IDS/IPS policy to detect new attacks with critical CVSS scoring that leads to credential theft from targeted systems....