VMware 2v0-81-20 practice test

Professional VMware Security Exam

Last exam update: Sep 29 ,2024
Page 1 out of 4. Viewing questions 1-15 out of 70

Question 1

In an NSX-T Data Center deployment, micro-segmentation via security policies is accomplished using
which component?

  • A. NSX Bridge Firewall
  • B. NSX Gateway Firewall
  • C. NSX Logical Router
  • D. NSX Distributed Firewall
Answer:

D


Reference:
https://infohub.delltechnologies.com/l/vmware-cloud-foundation-on-dell-emc-
vxrail/vmware-sddc-vision-
6#:~:text=NSX%20micro%2Dsegmentation%20is%20a,all%20hosts%20in%20the%20environment

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Which are two use cases for NSX Intelligence? (Choose two.)

  • A. Perform day 2 network operations and troubleshooting.
  • B. Provide end-to-end network visibility for physical, virtual, and third-party environments.
  • C. Identify security vulnerabilities and automatically quarantine affected workloads.
  • D. Gain insight about micro-segmentation traffic flows.
  • E. Simplify rule recommendation and deployment.
Answer:

C, D

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 3

As an IT administrator, you want to prevent users from launching a protected SaaS web application
when they are not connected to the internal LAN. The application is federated with Workspace ONE
Access.
What can be configured to prevent the application from launching?

  • A. Access Policy
  • B. IdP Response
  • C. SAML Attribute
  • D. Authentication Method
Answer:

A


Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-Access/19.03/com.vmware.wsp-resource/GUID-57B66680-A118-47DD-B3A3-81EAD6D6CAA7.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

In what order are NSX-T Distributed Firewall rules processed?

  • A. Top-to-bottom, left-to-right, finding a rule match the packet is processed per the rule and stops.
  • B. Left-to-right, top-to-bottom, finding a rule match the packet is processed per the rule and stops.
  • C. Left-to-right, top-to-bottom, finding a rule match the packet is processed per the rule and continues to next rule.
  • D. Top-to-bottom, left-to-right, finding a rule match the packet is processed per the rule and continues to next rule.
Answer:

D


Reference:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.3/com.vmware.nsxt.admin.doc/GUID-22DF2616-8B3F-4E13-8116-B7501D2A8E6D.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

An administrator works for a company that supplies iOS devices to its employees. The administrator
is notified there is a security vulnerability with the latest version of iOS. The administrator must
prevent users from updating devices immediately. The administrator implements a device profile to
configure the updates payload and prevent the devices from detecting the update.
How long can devices be prevented from accessing the update from Apple?

  • A. 90 Days
  • B. 60 Days
  • C. 30 Days
  • D. 180 Days
Answer:

A


Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/iOS_Platform/GUID-OSMgmt.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Which three tasks are completed during the installation of NSX-T Data Center Workflow for vSphere?
(Choose three.)

  • A. install NSX Edges, then create an NSX Edge cluster
  • B. create transport zones and set type to Overlay and VLAN; create host transport nodes and standard or enhanced N-VDS/VDS as needed
  • C. install the NSX Manager, configure a compute manager, deploy additional NSX Manager nodes to form a cluster
  • D. install NSX Tier-0 or Tier-1 gateways, then create an NSX Edge cluster
  • E. create transport zones and set type to VXLAN and VLAN; create host transport nodes and standard or enhanced N-VDS/VDS as needed
Answer:

A, B, C


Reference:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/installation/GUID-414C33B3-674F-44E0-94B8-BFC0B9056B33.html

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 7

In an NSX-T Data Center deployment, when assigning user rights, what right would an administrator
assign to a user to administer security compliance policies?

  • A. Auditor
  • B. Security Engineer
  • C. NSX Administrator
  • D. Security Administrator
Answer:

D


Reference:
https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.admin.doc/GUID-79F9067D-2F29-45DA-85C7-09EFC31549EA.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

When creating a new Identity Provider (IdP) in Workspace ONE Access, which two methods are used
to identify users? (Choose two.)

  • A. SAML Attribute
  • B. NameID Element
  • C. UserID Element
  • D. User Attribute
  • E. SAML Response
Answer:

A, B


Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-Access/19.03/idm-administrator/GUID-0C459D5A-A0FF-4893-87A0-10ADDC4E1B8D.html

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 9

What traffic type is used to create an NSX Transport Zone to connect to the physical infrastructure?

  • A. Trunk
  • B. Vlan
  • C. Underlay
  • D. Overlay
Answer:

B


Reference:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/installation/GUID-F739DC79-4358-49F4-9C58-812475F33A66.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Which three options are used to automate patch remediation based on CVEs for Windows devices
using Workspace ONE Intelligence? (Choose three.)

  • A. Use Workspace ONE UEM console to approve patches.
  • B. Create Automated remediation based on Risk score.
  • C. Create automated remediation based on CVE vulnerabilities.
  • D. Identify vulnerable devices across the entire environment based on CVE information.
  • E. Create a dashboard to track CVE remediation.
Answer:

C, D, E


Reference:
https://techzone.vmware.com/meeting-security-slas-through-intelligent-patch-
automation-vmware-workspace-one-operational-tutorial#_1089620

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 11

An administrator has been asked to install Guest Introspection Thin Agent using VMware Tools on a
Windows 10 VDI solution.
Which statement is correct for enabling the Identity Firewall feature?

  • A. Guest Introspection drivers are included with VMware Tools for Windows and a reboot of the VM is required to initialize the drivers
  • B. To install Guest Introspection on a Windows VM, you must perform a custom install and select the drivers.
  • C. Guest Introspection drivers are available from third-party providers and can be initialized without a VM reboot.
  • D. Select Guest Introspection Drivers to install File Introspection (vsepfit) and Network Introspection (vnetfit) drivers.
Answer:

B


Reference:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/administration/GUID-756EF955-F2C1-47DD-946B-1B5E6DDC7BDA.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which statements is true about IPFIX (Internet Protocol Flow Information Export)?

  • A. When you enable IPFIX, all configured host transport nodes will send IPFIX messages to the IPFIX collectors using port 80.
  • B. When you enable IPFIX, all configured host transport nodes will send IPFIX messages to the IPFIX collectors using port 3389.
  • C. When you enable IPFIX, all configured host transport nodes will send IPFIX messages to the IPFIX collectors using port 443.
  • D. When you enable IPFIX, all configured host transport nodes will send IPFIX messages to the IPFIX collectors using port 4739.
Answer:

D


Explanation:
When you enable IPFIX, all configured host transport nodes will send IPFIX messages to the IPFIX
collectors using port 3389.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

What are the three types of NSX-T Data Center installation workflows? (Choose three. )

  • A. NSX-T for Bare Metal
  • B. NSX-T for OpenBox
  • C. NSX-T for VxRail
  • D. NSX-T for Hyper-V
  • E. NSX-T for KVM
  • F. NSX-T for vSphere
Answer:

A, E, F

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 14

A security administrator receives an error with code 1001 while configuring a time-based firewall
rule on an ESXi host.
Which two actions can resolve the problem? (Choose two.)

  • A. restarting the NSX firewall kernel module on the ESXi host
  • B. restarting the NTP service on the ESXi host
  • C. configuring the ESXi host with a remote NTP server
  • D. configuring the ESXi host with a local NTP server
  • E. reinstalling the NSX modules on the ESXi host
Answer:

B, E


Reference:
https://arabitnetwork.files.wordpress.com/2018/12/nsx_64_troubleshooting-
update4.pdf

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 15

A consulting security firm was hired to inspect your infrastructure for vulnerabilities.
The firm inspected these items:
badge readers to enter the datacenter
locks on server racks
security cameras in the datacenter
What type of infrastructure are they inspecting?

  • A. Virtual Infrastructure
  • B. Physical Infrastructure
  • C. Personnel Infrastructure
  • D. Logical Infrastructure
Answer:

B


Reference:
https://nces.ed.gov/pubs98/safetech/chapter5.asp

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2