Exam Code: 2V0-642 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: VMware Certified Professional 6 - Network Virtualization 6.2 Exam
Certification Provider: VMware
Free Today! Guaranteed Training- Pass 2V0-642 Exam.
Q17. A workload was attached to a logical switch port group in Compute Cluster 1. Users are complaining that I hey can communicate with other workloads on that port group in the cluster, but not with other workloads on different networks.
What is the most probable cause?
A. The distributed firewall has a default rule set to deny all
B. The Distributed Logical Router was not configured on Compute Cluster 1
C. Compute Cluster 1 is NOT a member of the Transport Zone
D. An NSX Edge has NOT been deployed into Compute Cluster 1
Answer: A
Q18. The fact that NSX Data Security has visibility into sensitive data provides which two benefits? (Choose two )
A. It helps address compliance and risk management requirements.
B. It acts as a forensic tool to analyze TCP and UDP connections between virtual machines
C. It is able to trace packets between a source and destination without requiring access to the guest OS
D. It eliminates the typical agent footprint that exists with legacy software agents
Answer: A,B
Q19. What are two things that should be done before upgrading from vCloud Networking and Security to NSX? (Choose two.)
A. Power off vShield Manager
B. Deploy NSX Manager virtualappliance
C. Uninstall vShield Data Security
D. Ensure that forward and reverse DNS is functional
Answer: C,D
Explanation:
Referencehttps://pubs.vmware.com/NSX- 62/index.jsp?topic=%2Fcom.vmware.nsx.upgrade.endpoint.doc%2FGUID-0D1B18B1-B5CC-483B-8BC0-95A2E8C025B9.html
Q20. An application requires load balancing with minimal impact to network performance. An NSX administrator is deploying a load balancer to meet the stated requirements.
Which load balancing engine should be deployed?
A. Layer 5
B. Layer 6
C. Layer 7
D. Layer 4
Answer: D
Explanation:
https://www.icc-usa.com/resources/vmw-nsx-network-virtualization-design-guide.pdf
Q21. What is one of the benefits of a spine-leaf network topology?
A. A loop prevention protocol is not required
B. Automatic propagation of security policies to all nodes
C. Allows for VXl ANs to be defined in h traditional network topology
D. Network virtualization relies on spine leaf topologies to create logical switches
Answer: D
Q22. An NSX administrator is creating a filter as shown below.
What would be the purpose of creating a filter?
A. To quickly add a new rule.
B. To temporarily filter traffic.
C. To quickly remove a rule.
D. To quickly identify rules.
Answer: D
Q23. Exhibit:
Which would best describe a workload in Compute Cluster 1 attached to a logical switch port group?
A. Within Compute Cluster 1, Layer 2 would function, but Layer 3 would fail.
B. Within Compute Cluster 1, Layer 2 would fail, and Layer 3 would fail.
C. Within ComputeCluster 1, Layer 2 would fail, but Layer 3 would function.
D. Within Compute Cluster 1, Layer 2 would function, and Layer 3 would function.
Answer: A
Explanation:
This has an interesting side effect: if you didn’t add all clusters of a given DVS to the TZ, those clusters you haven’t added will still have access to that Logical Switch. Let’s have a look at the following diagram:
From <https://telecomoccasionally.wordpress.com/2014/12/27/nsx-for-vsphere- understanding-transport-zone-scoping/>
his means that in out hypothetical case, if we were to create a DLR and connect to it that
LS we’ve created earlier, DLR instance would get created on hosts in clusters Comp B and
Mgmt / Edge, but not on hosts in clusteCr omp A:
From <https://telecomoccasionally.wordpress.com/2014/12/27/nsx-for-vsphere-understanding-transport-zone-scoping/
Q24. If the Applied To scope is set to Distributed Firewall, which virtual machines with have the firewall rule applied?
A. Only the virtual machines defined in the Source field.
B. Only virtual machines defined in the Destination field.
C. All virtual machines in a Datacenter.
D. All virtual machines on prepared hosts.
Answer: C
Explanation:
Referencehttp://www.routetocloud.com/2015/04/nsx-distributed-firewall-deep-dive/
Q25. Which three NSX services are available for synchronization in a Cross-vCenter implementation? (Choose three.)
A. Spoofguard
B. Distributed Firewall
C. Edge Firewall
D. Logical Switch
E. Transport Zone
Answer: B,D,E
Explanation:
Referencehttps://pubs.vmware.com/NSX- 62/topic/com.vmware.ICbase/PDF/nsx_62_cross_vc_install.pdf
Q26. An administrator has been asked to provide single failure redundancy. What is the minimum supported number of NSX Controllers needed to meet this requirement?
A. 2
B. 3
C. 1
D. 5
Answer: B
Explanation:
Referencehttp://www.vmwarearena.com/vmware-nsx-installation-part-4-deploying-nsx- controller/
Q27. Which two options are correct regarding vSphere Distributed Switches? (Choose two )
A. A single vDS can span multiple vCenter Servers
B. A single host can be attached to multiple vDS
C. A single vDS can span multiple hosts across multiple clusters
D. A vDS is automatically created when a new 802.1Q trunk is configured
Answer: A,B
Q28. Which type of VPN should be configured to ensure application mobility data centers?
A. Application VPN
B. L2VPN
C. IPSec VPN
D. SSL VPN-Plus
Answer: B
Explanation:
Referencehttps://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmw-nsx-network-virtualization-design-guide.pdf(page 23)
Q29. What is required before running an Activity Monitoring report?
A. Enable data collection on the NSX Controller.
B. Enable data collection on the vCenter Server.
C. Enable data collection on the NSX Manager.
D. Enable data collection on the virtual machine.
Answer: D
Q30. Which tool is used to detect rogue services?
A. NSX Logical Firewall
B. NSX Logical Router
C. Activity Monitoring
D. Flow Monitoring
Answer: D
Q31. You have deployed an Edge Services Gateway with the following interface configuration:
Your customer has requested that you provide the ability to use Remote Desktop Protocol to log into a virtual machine that has a tenant IP address of 192.168.7.21 using the provider IP address 192.168.100.4. You have performed the following configuration however, you cannot RDP into the virtual machine.
What configuration change do you need to make to allow this connection?
A. ChangeApplied Onto “Uplink”
B. Change theProtocolto “any”.
C. Change theTranslated Port/Rangeto “rdp”.
D. Swap theOriginal IP/RangeandTranslated IP/RangeIP Addresses.
Answer: A
Q32. Which two statements are true about NSX Data Security support? (Choose two )
A. It supports HIPAA and PCI-DSS compliance policies as well as U.S. Driver License and Social Security numbers.
B. It supports both Windows and Linux-based virtual machines.
C. It only supports HIPAA and PCI-DSS compliance policies.
D. It only supports Windows-based virtual machines.
Answer: B,C
Explanation:
Referencehttps://www.vmware.com/products/nsx.html