Which three NSX Edge components are used for North-South Malware Prevention? (Choose three.)
Correct Answer: B,D,F
Explanation B: RAPID. This is correct. RAPID stands for Real-time Anti-malware Protection with Intelligent Detection. It is a component of the NSX Edge node that provides malware prevention for the north-south traffic. RAPID extracts files from the network traffic and analyzes them for malicious behavior using hash-based detection, local analysis, and cloud analysis techniques1 D: IDS/IPS. This is correct. IDS/IPS stands for Intrusion Detection and Prevention System. It is a component of the NSX Edge node that provides intrusion detection and prevention for the north-south traffic. IDS/IPS monitors the network traffic and compares it against a known set of signatures that specify patterns for different types of network intrusions. IDS/IPS can generate alerts or block the traffic based on the matching signatures and the configured actions2 F: Reputation Service. This is correct. Reputation Service is a component of the NSX Edge node that provides reputation-based filtering for the north-south traffic. Reputation Service uses a cloud-based database of known malicious IP addresses and domains to block or allow the traffic based on the reputation score of the source or destination. Reputation Service can also integrate with third-party reputation providers to enhance the security coverage3 A: Thin Agent. This is incorrect. Thin Agent is not a component of the NSX Edge node, but rather a component of the NSX Guest Introspection platform that runs on the virtual machine endpoints in the distributed east-west traffic. Thin Agent enables communication between the virtual machines and the NSX Manager, and facilitates malware prevention and intrusion detection on the host level. C: Security Hub. This is incorrect. Security Hub is not a component of the NSX Edge node, but rather a component of the VMware Cloud Services platform that provides a unified view of security posture across multiple cloud environments. Security Hub integrates with NSX Advanced Threat Prevention to collect and display security events, alerts, and recommendations from NSX IDS/IPS and NSX Malware Prevention features. E: Security Analyzer. This is incorrect. Security Analyzer is not a real product name or component name related to NSX Edge or NSX Advanced Threat Prevention. It is a fictional name that does not exist in the VMware portfolio. To learn more about NSX Edge components for North-South Malware Prevention, you can refer to the following resources: VMware NSX Documentation: Overview of NSX IDS/IPS and NSX Malware Prevention 2 VMware NSX Documentation: Configure North-South Malware Prevention 1 VMware NSX Documentation: Configure North-South Intrusion Detection and Prevention VMware NSX Documentation: Configure North-South Reputation-Based Filtering 3
Question 97
Which NSX CLI command is used to change the authentication policy for local users?
Correct Answer: D
According to the VMware NSX Documentation4, the set auth-policy command is used to change the authentication policy settings for local users, such as password length, lockout period, and maximum authentication failures. The other commands are either used to view the authentication policy settings (B), change the CLI session timeout (A), or change the hardening policy settings .
Question 98
Which of the two following characteristics about NAT64 are true? (Choose two.)
Correct Answer: C,E
Explanation NAT64 is a type of NAT that allows IPv6-only hosts to communicate with IPv4-only hosts by translating the IPv6 addresses to IPv4 addresses and vice versa. C: NAT64 is supported on Tier-0 and Tier-1 gateways. This is stated in the first result1, which says "Three types of NAT are supported, in addition to NAT64." E: NAT64 requires the Tier-1 gateway to be configured in active-active mode. This is implied by the third result2, which says "Stateful NAT is not supported in active-active mode." Since NAT64 is stateless, it can be supported in active-active mode.
Question 99
Which two built-in VMware tools will help identify the cause of packet loss on VLAN Segments? (Choose two.)
Correct Answer: A,C
Packet Capture allows you to capture packets on a specific interface or segment and analyze them using tools such as Wireshark or tcpdump. Packet Capture can help you diagnose network issues such as misconfigured MTU, incorrect VLAN tags, or firewall drops. Traceflow allows you to inject synthetic packets into the network and trace their path from source to destination. Traceflow can help you verify connectivity, routing, and firewall rules between virtual machines or segments. Traceflow can also show you where packets are dropped or modified along the way.
Question 100
Which CLI command shows syslog on NSX Manager?
Correct Answer: D
According to the VMware NSX CLI Reference Guide, this CLI command shows the syslog messages on the NSX Manager node. You can use this command to view the system logs for troubleshooting or monitoring purposes. The other options are either incorrect or not available for this task. get log-file auth.log is a CLI command that shows the authentication logs on the NSX Manager node, not the syslog messages. /var/log/syslog/syslog.log is not a CLI command, but a file path that may contain syslog messages on some Linux systems, but not on the NSX Manager node. show log manager follow is not a valid CLI command, as there is no show log command or manager option in the NSX CLI.
