Question No. 1

Which two are supported by L2 VPN clients? (Choose two.)

ANSX for vSphere Edge

B3rd party Hardware VPN Device

CNSX Autonomous Edge

DNSX Edge

Show Answer

Correct Answer: C, D

The following L2 VPN clients are recommended:

1. NSX Managed NSX Edge in a separate NSX Managed environment.

* Overlay and VLAN segments can be extended.

2. Autonomous Edge:

* Enables L2 VPN access from a non-a NSX environment to NSX environments.

* Deployed by using an OVF file on a host that is not managed by NSX.

* Only VLAN segments can be extended.

Question No. 2

As part of an organization's IT security compliance requirement, NSX Manager must be configured for 2FA (two-factor authentication).

What should an NSX administrator have ready before the integration can be configured? O

AActive Directory LDAP integration with OAuth Client added

BVMware Identity Manager with an OAuth Client added

CActive Directory LDAP integration with ADFS

DVMware Identity Manager with NSX added as a Web Application

Show Answer

Correct Answer: B

To configure NSX Manager for two-factor authentication (2FA), an NSX administrator must have VMware Identity Manager (vIDM) with an OAuth Client added. vIDM provides identity management services and supports various 2FA methods, such as VMware Verify, RSA SecurID, and RADIUS. An OAuth Client is a configuration entity in vIDM that represents an application that can use vIDM for authentication and authorization. NSX Manager must be registered as an OAuth Client in vIDM before it can use 2FA.Reference: : VMware NSX-T Data Center Installation Guide, page 19. : VMware NSX-T Data Center Administration Guide, page 102.: VMware Blogs: Two-Factor Authentication with VMware NSX-T

Question No. 3

Which three protocols could an NSX administrator use to transfer log messages to a remote log server? (Choose three.)

AHTTPS

BTCP

CSSH

DUDP

ETLS

FSSL

Show Answer

Correct Answer: B, D, E

An NSX administrator can use TCP, UDP, or TLS protocols to transfer log messages to a remote log server. These protocols are supported by NSX Manager, NSX Edge, and hypervisors for remote logging. A Log Insight log server supports all these protocols, as well as LI and LI-TLS, which are specific to Log Insight and optimize network usage. HTTPS, SSH, and SSL are not valid protocols for remote logging in NSX-T Data Center.Reference: : VMware NSX-T Data Center Administration Guide, page 102.: VMware Docs: Configure Remote Logging

Question No. 4

Which two commands does an NSX administrator use to check the IP address of the VMkernel port for the Geneve protocol on the ESXi transport node? (Choose two.)

Aesxcfg-nics -1l

Besxcli network ip interface ipv4 get

Cesxcli network nic list

Desxcfg-vmknic -1

Enet-dvs

Show Answer

Correct Answer: B, C

https://docs.vmware.com/jp/VMware-NSX/4.1/installation/GUID-B7E7371E-A9F6-4880-B184-E00A62C0C818.html

Question No. 5

Which two steps must an NSX administrator take to integrate VMware Identity Manager in NSX to support role-based access control? (Choose two.)

ACreate a SAML authentication in VMware Identity Manager using the NSX Manager FQDN.

BEnter the Identity Provider (IdP) metadata URL in NSX Manager.

CCreate an OAuth 2.0 client in VMware Identity Manager.

DAdd NSX Manager as a Service Provider (SP) in VMware Identity Manager.

EEnter the service URL, Client Secret, and SSL thumbprint in NSX Manager.

Show Answer

Correct Answer: C, E

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-EAAD1FBE-F750-4A5A-A3BF-92B1E7D016FE.html

Free VMware 2V0-41.23 Exam Actual Questions

The questions for 2V0-41.23 were last updated On May 4, 2024