2V0-642 Online Practice Questions and Answers

An NSX Edge Service Gateway has two interfaces:

*

Internal interface named Internal Access

-- IP address = 10.10.10.1

-- Network mask = 255.255.255.0

*

Uplink interface named Physical Uplink

-- IP address = 20.20.20.1

-- Network mask = 255.255.255.0

A vSphere administrator wants to add a SNAT rule to allow traffic from the internal network segment to

access external resources via the uplink interface.

Which three steps should the vSphere administrator do to add the SNAT rule? (Choose three.)

A. Apply the SNAT rule to the Internal Access interface.

B. Select 10.10.10.1 as the translated source IP.

C. Apply the SNAT rule on the Physical Uplink interface.

D. Select 10.10.10.0/24 as the original subnet.

E. Choose 20.20.20.2 as the translated source IP address.

When deploying a standalone NSX Edge as a Layer 2 VPN client, which port needs to be configured on the client vSphere Distributed Switch?

A. Trunk port

B. Span port

C. Sink port

D. Mirror port

A new ESXi host was added to an existing cluster, prepared for NSX and enabled for Distributed Firewall, logical switching and Logical Routing. The Host Preparation page in the NSX Web UI shows this new host is in Ready state and the Logical Network Preparation tab displays the VXLAN VTEPs are correctly configured. Virtual machines on the new host can communicate with each other but CANNOT communicate with VMs running on other hosts and connected to the same Logical Switch. Which condition below will result in the described behavior on the new host?

A. NSX Edge is powered off

B. Host Agent (vpxa) to vCenter is disconnected

C. Rabbitmq message bus connection (vsfwd) to NSX Manager is down

D. Network Control Plane Agent (netcpa) connection to the controller is down

A user has configured a specific distributed firewall rule preventing VM-A (172.16.10.11) on the Web-Logical Switch to communicate to VM-B (172.16.20.11), running on the same switch. After the changes, the user is still able to communicated to VM-A from VM-B.

To debug this anomaly, the user will need to obtain logs from which component?

A. The Distributed Logical Router

B. The Edge Services Gateway

C. The appropriate ESXi Hosts(s)

D. The appropriate NSX Controller(s)

A workload was attached to a logical switch port group in Compute Cluster 1. Users are complaining that they can communicate with other workloads on that port group in the cluster, but not with other workloads on different networks.

What is the most probable cause?

A. The distributed firewall has a default rule set to deny all.

B. The Distributed Logical Router was not configured on Compute Cluster 1.

C. Compute Cluster 1 is NOT a member of the Transport Zone.

D. An NSX Edge has NOT been deployed into Compute Cluster 1.

What are two roles of vmnics? (Choose two.)

A. ESXi hosts reach the physical network through vmnics.

B. Virtual machines require vmnics to communicate with their host.

C. ESXi hosts are segmented using vmnics, also called virtual trunk ports.

D. Virtual machines require vmnics to communicate with physical networks.

What vSphere Distributed Switch security policy allows virtual machines to send frames with a MAC Address that is different from the one specified in the vmx file?

A. MAC Address Changes

B. Failover detection

C. Forged Transmits

D. Promiscuous Mode

In a Cross-vCenter NSX deployment, what are two requirements that must be met in order for an administrator to deploy both universal logical switches and local logical switches within the same vCenter instance? (Choose two.)

A. A universal distributed logical router must be created.

B. A local distributed logical router must be created.

C. A universal transport zone must be created.

D. A local transport zone must be created.

Which NSX component can validate that security policies at your organization are being enforced correctly?

A. Activity Monitoring

B. Flow Monitoring

C. ERSPAN

D. Distributed firewalls

An NSX administrator determines that routing adjacency a NSX Edge device and a Top Of Rack L3 switch CANNOT be established. Which two logs would be the most useful in resolving this issue? (Choose two.)

A. NSX Manager Logs

B. Edge Services Gateway logs

C. Distributed Router Logs

D. NSX Controller logs