We provide real 2V0-642 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass VMware 2V0-642 Exam quickly & easily. The 2V0-642 PDF type is available for reading and printing. You can print more and practice many times. With the help of our VMware 2V0-642 dumps pdf and vce product and material, you can easily pass the 2V0-642 exam.
Q11. A workload was attached to a logical switch port group in Compute Cluster 1. Users are complaining that I hey can communicate with other workloads on that port group in the cluster, but not with other workloads on different networks.
What is the most probable cause?
A. The distributed firewall has a default rule set to deny all
B. The Distributed Logical Router was not configured on Compute Cluster 1
C. Compute Cluster 1 is NOT a member of the Transport Zone
D. An NSX Edge has NOT been deployed into Compute Cluster 1
Q12. What are two benefits of the NSX Distributed Firewall? (Choose two )
A. VMs are protected even as they are vMotioned
B. Each VM is individually protected by a L2-L4 stateful firewall
C. ESXi hosts are automatically protected by a distributed firewall
D. VXLANs are automatically protected by the Transport Zone definition
Q13. An NSX Edge Service Gateway has two interfaces:
• Internal interface named Internal Access
-- IP address = 10.10.10.1
-- Network mask = 255.255.255.0
• Uplink interface named Physical Uplink
-- IP address = 184.108.40.206
-- Network mask = 255.255.255.0
A vSphere administrator wants to add a SNAT rule to allow traffic from the internal network segment to access external resources via the uplink interface.
Which three steps should the vSphere administrator do to add the SNAT rule? (Choose three.)
A. Apply the SNAT rule to the Internal Access interface.
B. Select 10.10.10.1 as the translated source IP.
C. Apply the SNAT rule on the Physical Uplink interface.
D. Select 10.10.10.0/24 as the original subnet.
E. Choose 220.127.116.11 as the translated source IP address.
Q14. An NSX administrator is validating the setup for a new NSX implementation and inputs this command:
A. It helps verify that VXLAN segments are functional and the transport network supports the proper MTU size for NSX.
B. It helps verify that the source virtual machine is configured with the proper MTU size for NSX.
C. It helps verify that the NSX Controller is communicating with the destination VTEP.
D. It helps verify that the NSX Logical Switch is routing packets to the destination host.
Q15. An NSX environment requires physical NIC redundancy for all dvPortGroups when connecting hosts to the physical network. There are two 10Gb NIC's per host.
Which two teaming methods should be used to ensure both links are utilized simultaneously? (Choose two )
A. Virtual Port Channel
B. LACP Port-Channel
C. Static Port-Channel
D. Explicit Failover Order
Q16. A network administrator is troubleshooting an issue and needs to observe an injected packet as it passes through the physical and logical network.
Which tool will accomplish this?
C. Flow Monitoring
D. Activity Monitoring
Q17. Which three methods can be used by the NSX Distributed Firewall to discover IP addresses? (Choose three )
A. DHCP Snooping
B. IP Sets
C. Spoofguard configured forTrust on First Use.
D. VMware Tools installed on every guest virtual machine.
E. ARP Spoofing
Q18. From the NSX Edge CLI, which command would show VIP statistics?
A. show service loadbalancer pool
B. show service loadbalancer virtual
C. show service loadbalancer monitor
D. show service loadbalancer
Q19. What is the most restrictive NSX role that can be used to create and publish security policies and install virtual appliances?
A. Security Administrator
B. NSX Administrator
D. Enterprise Administrator
Q20. An administrator has been asked to provide single failure redundancy. What is the minimum supported number of NSX Controllers needed to meet this requirement?