VMware Certified Professional 6 – Network Virtualization NSX v6.2 (2V0-642) for VCP6-NV 2020 Exam Questions and Answers

Question 61: What is the most restrictive NSX role that can be used to create and publish security policies and install virtual appliances?

A. Security Administrator
B. NSX Administrator
C. Auditor
D. Enterprise Administrator

Question 62: The fact that NSX Data Security has visibility into sensitive data provides which two benefits? (Choose two.)

A. It helps address compliance and risk management requirements.
B. It acts as a forensic tool to analyze TCP and UDP connections between virtual machines.
C. It is able to trace packets between a source and destination without requiring access to the guest OS.
D. It eliminates the typical agent footprint that exists with legacy software agents.

Question 63: What are two benefits of the NSX Distributed Firewall? (Choose two.)

A. VMs are protected even as they are vMotioned.
B. Each VM is individually protected by a L2-L4 stateful firewall.
C. ESXi hosts are automatically protected by a distributed firewall.
D. VXLANs are automatically protected by the Transport Zone definition.

Question 64: How many vCenter Server environments can a single NSX Manager serve at one time?

A. 2000 vCenter Servers
B. 10 vCenter Servers
C. 1 vCenter Server
D. 2 vCenter Servers

Question 65: A new ESXi host was added to an existing cluster, prepared for NSX and enabled for Distributed Firewall, logical switching and Logical Routing. The Host Preparation page in the NSX Web UI shows this new host is in Ready state and the Logical Network Preparation tab displays the VXLAN VTEPs are correctly configured. Virtual machines on the new host can communicate with each other but CANNOT communicate with VMs running on other hosts and connected to the same Logical Switch. Which condition below will result in the described behavior on the new host?

A. NSX Edge is powered off
B. Host Agent (vpxa) to vCenter is disconnected
C. Rabbitmq message bus connection (vsfwd) to NSX Manager is down
D. Network Control Plane Agent (netcpa) connection to the controller is down

Question 66: Which two options are correct regarding vSphere Distributed Switches? (Choose two.)

A. A single vDS can span multiple vCenter Servers.
B. A single host can be attached to multiple vDS.
C. A single vDS can span multiple hosts across multiple clusters.
D. A vDS is automatically created when a new 802.1Q trunk is configured.

Question 67: What are two requirements of the network infrastructure to the access layer? (Choose two)

A. IPv4 connectivity among ESXi hosts provided by a spine-leaf network design.
B. IPv4 connectivity among ESXi hosts.
C. Increased MTU if the virtual machines are using the default MTU size of 1500.
D. A Redundant, Layer 3, Top-of-Rack network design to provide high availability to ESX hosts.

Question 68: Which tool is used to detect rogue services?

A. NSX Logical Firewall
B. NSX Logical Router
C. Activity Monitoring
D. Flow Monitoring

Question 69: When defining membership for a security group, which three identifiers can be used for dynamic inclusion? (Choose three.)

A. VM folder
B. Computer OS Name
C. ESXi host
D. VM Name
E. Security Tag

Question 70: Your environment has two sites designated as Site A and Site B. Each site has its own vCenter Server instance with NSX installed and configured in standalone mode. You are migrating the environment to Cross vCenter and have already promoted Site A to the Primary role. What action must be taken before the NSX Manager at Site B can be changed to Secondary?

A. Migrate the Site B Controllers to Site A.
B. Convert the Site B Controllers to Universal Controllers.
C. Remove any logical switches from the Site B NSX Controller.
D. Delete the Controllers at Site B.