2V0-641 Exam Dumps, 2V0-641 PDF Dumps, 2V0-641 VCE Dumps, Network Virtualization Dumps

New 2V0-641 Dumps with VCE and PDF from PassLeader (Question 16 – Question 30)

by admin

100% valid 2V0-641 exam questions from PassLeader 2V0-641 dumps! Welcome to download the newest & 100% pass guarantee PassLeader 2V0-641 VCE and PDF dumps: http://www.passleader.com/2v0-641.html (189 Q&As)

P.S. Free & New 2V0-641 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpcEV1VU1VUkNtaG8

QUESTION 16
A company wants to deploy VMware NSX for vSphere with no PIM and no IGMP configured in the underlying physical network. This company also must ensure that non- ESXi hosts do not receive broadcast, unknown unicast or multicast (BUM) traffic. Which replication mode should the logical switches be deployed with?

A.    Unicast Replication Mode
B.    Multicast Replication Mode
C.    Hybrid Replication Mode
D.    Transport Zone Mode

Answer: A

QUESTION 17
Your data center clusters are configured as shown in the exhibit:
passleader-2V0-641-dumps-171
Core0 uses Virtual SAN and hosts virtual machines running the following components:
– vCenter Server
– Single Sign-On Server
– Update Manager
– SQL Server database
Core1, Core2, and Core3 use a single Fibre Channel attached storage array. Core1 hosts over 500 virtual machines. Core2 hosts over 400 virtual machines. Core3 hosts 100 virtual machines. Following VMware’s best practices, NSX Controller components should be deployed to which location(s)?

A.    Deploy three NSX Controllers, one on each host of Core0.
B.    Deploy four NSX controllers, one on each cluster in the data center.
C.    Deploy 27 NSX controllers, one for each host in the data center.
D.    Deploy three NSX controllers. Deploy one in Core1, one in Core2, and one in Core3.

Answer: A

QUESTION 18
Your data center is made up of two VMware vCenter Server instances. Each vCenter Server manages three clusters with 16 hosts per cluster. In preparing for your VMware NSX deployment, how many vShield Endpoint instances will you have?

A.    2
B.    6
C.    48
D.    96

Answer: D

QUESTION 19
After deploying NSX, an administrator does not see the Networking & Security tab when connecting to the vCenter Server using the vSphere Web Client. What should the administrator do?

A.    Register the NSX Manager with the vCenter Server.
B.    Register the NSX Manager with the Inventory Service.
C.    The NSX Controllers must be deployed before NSX Manager is available.
D.    The NSX Manager must be configured to use Single Sign-On before it will be available.

Answer: A

QUESTION 20
A company hosts an internal website on multiple virtual machines attached to a Logical Switch with VNI 7321. A Distributed Router serves as the virtual machines’ default gateway. When an user resolves the URL for the website, the internal DNS server responds with the IP address of one of the virtual machine’s IP addresses in a round robin fashion. This approach results in some virtual machines having a much higher number of user sessions than others. The company wants to deploy a NSX Edge Service Load Balancer to improve on this situation. Which distribution method can be configured on the NSX Edge Load Balancer to meet the company’s needs?

A.    LEAST_CONN
B.    IP_HASH
C.    LEAST_LOAD
D.    URI

Answer: A

QUESTION 21
Which two statements are true regarding Layer 2 VPNs? (Choose two.)

A.    Layer 2 VPNs are used to securely extend Ethernet segments over an untrusted medium.
B.    The NSX Edge Service Gateway can form a Layer 2 VPN with a standards-compliant physical appliance.
C.    The Distributed Router can form a Layer 2 VPN to another Distributed Router or NSX Edge Service Gateway.
D.    Layer 2 VPNs require the two VPN endpoints be in the same Layer 2 segment.

Answer: AB

QUESTION 22
A vSphere administrator wants to setup an NSX Edge Service Gateway to provide traveling employees secure access to company servers located in specific network segments within the corporate Data Center. The remote access solution must provide a method to authenticate the users. Which two methods can be used with the NSX Edge Service Gateway? (Choose two.)

A.    TACACS+
B.    MS-CHAP
C.    RSA Secure ID
D.    Active Directory

Answer: CD

QUESTION 23
A company has augmented its Data Center infrastructure by using vCloud Hybrid Service during peak hours. The company wants to extend their existing subnets into the cloud while workloads retain their existing IP addresses. The virtual machines in these subnets use an NSX Edge Gateway as their default gateway. Which solution should this company use?

A.    Layer 2 VPN
B.    MPLS VPN
C.    IPSec VPN
D.    SSL VPN

Answer: A

QUESTION 24
A vSphere administrator wants to setup an NSX Edge Service Gateway to provide traveling employees secure access to company servers located in specific network segments within the corporate Data Centers. The solution has to be as scalable as possible. Which Virtual Private Network solution will satisfy the administrator’s requirements?

A.    SSL VPN
B.    MPLS VPN
C.    Layer 2 VPN
D.    IPSec VPN

Answer: A

QUESTION 25
Which statement is true regarding an NSX Edge gateway device configured with a DNS Server?

A.    The NSX Edge will forward all DNS requests from virtual machines sent to it to the DNS Server.
B.    The NSX Edge configuration will override the DNS Server configured by the NSX Manager.
C.    The NSX Edge registers the DNS Server with the NSX Controller.
D.    The NSX Edge periodically synchronizes its DNS tables with the primary DNS Server.

Answer: A

QUESTION 26
An NSX Edge Service Gateway has two interfaces:
Internal interface named Internal Access
— IP address = 10.10.10.1
— Network mask = 255.255.255.0
Uplink interface named Physical Uplink
— IP address = 20.20.20.1
— Network mask = 255.255.255.0
A vSphere administrator wants to add a SNAT rule to allow traffic from the internal network segment to access external resources via the uplink interface. Which three steps should the vSphere administrator do to add the SNAT rule? (Choose three.)

A.    Apply the SNAT rule to the Internal Access interface.
B.    Select 10.10.10.1 as the translated source IP.
C.    Apply the SNAT rule on the Physical Uplink interface.
D.    Select 10.10.10.0/24 as the original subnet.
E.    Choose 20.20.20.2 as the translated source IP.

Answer: CDE

QUESTION 27
An administrator manages a TFTP server virtual machine that is connected to a Logical Switch with a VNI of 7321. The TFTP server has been configured to use port 1069. An NSX Edge Service Gateway is connected to VNI 7321 and has an uplink interface with access to the physical network. Assume external users can reach the Service Gateway. What should the administrator configure to ensure external connections to the TFTP server are successful?

A.    Create a DNAT rule with the original port of 69 and translated port of 1069.
B.    Create a SNAT rule with the original port of 1069 and translated port of 69.
C.    Create a SNAT rule with the original port of 69 and translated port of 1069.
D.    Create a DNAT rule with the original port of 1069 and translated port of 69.

Answer: A

QUESTION 28
Which two actions take place when an active NSX Edge instance fails? (Choose two.)

A.    Once the original NSX Edge instance is recovered, it preempts the other NSX Edge instance and takes over the active role.
B.    The standby NSX Edge instance becomes the active instance and requests routing updates from the routing neighbors.
C.    Once the original NSX Edge instance is recovered, the NSX Manager attempts to place it on a different host from the other NSX Edge instance.
D.    The standby NSX Edge instance becomes the active instance and retains any routing neighbor adjacencies.

Answer: CD

QUESTION 29
Which two statements are true regarding NSX High Availability? (Choose two.)

A.    NSX HA is configured as Active-Active.
B.    NSX HA is configured as Active-Standby.
C.    If an Active node fails, there is no service interruption during failover.
D.    If an Active node fails, there is a 15 second service interruption during failover.

Answer: BC

QUESTION 30
Where does the Distributed Logical Firewall enforce firewall rules?

A.    At the Virtual Machine’s virtual Network Interface Card (vNIC).
B.    At the Logical Switch virtual port that the Virtual Machine connects to.
C.    At the NSX Controller’s firewall kernel module.
D.    At the ESXi host vmnic used by the vSphere Distributed Switch.

Answer: A

100% valid 2V0-641 exam questions from PassLeader 2V0-641 dumps! Welcome to download the newest & 100% pass guarantee PassLeader 2V0-641 VCE and PDF dumps: http://www.passleader.com/2v0-641.html (189 Q&As)

P.S. Free & New 2V0-641 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpcEV1VU1VUkNtaG8