QUESTION: 17

There has been a confirmed case of virus infection on multiple VMs managed by Endpoint

Protection. A security administrator wants to create a group to quarantine infected VMs in the future.
What criteria will be used to build this group?

NSX Tags
Segment
vSphere Tags
VM Name

Answer(s): C

Explanation:

vSphere Tags are labels that can be used to group and categorize virtual machines and other objects. The security administrator can create a tag for quarantined VMs and assign it to any VMs that are confirmed to be infected. This will help identify and isolate the infected VMs more quickly and easily in the future.

Reference:

https://docs.vmware.com/en/VMware-
vSphere/7.0/com.vmware.vsphere.security.doc/GUID-2AAB1D7A-E6A6-47F7-9B28- F9C9DED1C6B7.html

Reveal Solution Next Question

QUESTION: 18

A security administrator has configured NSX Intelligence for discovery. They would like to get recommendations based on the changes in the scope of the input entities every hour.
What needs to be configured to achieve the requirement?

Start a new recommendation.
Publish the recommendations.
Toggle the monitoring option on.
Adjust the time range to 1 hour.

Answer(s): D

Explanation:

NSX Intelligence uses machine learning algorithms to analyze network traffic and provide recommendations for security and compliance. The administrator can configure the time range of the input entities to be analyzed, so that the recommendations are based on changes in the scope of the input entities over that period of time.
To achieve the requirement of getting recommendations based on the changes in the scope of the input entities every hour, the administrator needs to adjust the time range to 1 hour. This will ensure that the analysis and recommendations are based on the most recent hour of network traffic.

Reference:

VMware NSX Intelligence documentation https://docs.vmware.com/en/VMware-NSX-T-Data- Center/3.1/com.vmware.nsxt.intelligence.doc/GUID-F2F1D7E8-F6B2-4870-9E38- 7C8D3D3F9B1E.html
VMware NSX Intelligence Configuration documentation https://docs.vmware.com/en/VMware-NSX- T-Data-Center/3.1/com.vmware.nsxt.intelligence.config.doc/GUID-7F44F3D3-3A3C-4EBE-A5D5-

F1E3E3F59A8B.html

Reveal Solution Next Question

QUESTION: 19

Which of the following describes the main concept of Zero-Trust Networks for network connected devices?

Network connected devices should only be trusted if they are issued by the organization.
Network connected devices should only be trusted if the user can be successfully authenticated.
Network connected devices should only be trusted if their identity and integrity can be verified continually.
Network connected devices should only be trusted if they are within the organizational boundary.

Answer(s): C

Explanation:

Zero-Trust Networks is a security concept that assumes that all devices, users, and networks are untrusted until they can be verified. This means that all network-connected devices must be verified for their identity and integrity before they are granted access to resources. This is done continually, meaning that devices are verified every time they try to access a resource, rather than being trusted permanently.
1. Network connected devices should only be trusted if their identity and integrity can be verified continually. This is the main concept of Zero-Trust Networks, every device that wants to access the network should be authenticated and verified its identity and integrity.

Reference:

Zero Trust Networks, Forrester Research https://www.forrester.com/report/Zero+Trust+Networks/- /E-RES146810
Zero Trust Security: From Theory to Practice, NIST
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800

Reveal Solution Next Question

QUESTION: 20

Which three security objects are provided as an output in a recommendation session in NSX Intelligence? (Choose three.)

context profiles
distributed firewall rules
security service
gateway firewall rules
security groups

Answer(s): B,C,D

Explanation:

NSX Intelligence uses machine learning algorithms to analyze network traffic and provide recommendations for security and compliance. These recommendations include the following security objects:
Distributed Firewall Rules: Distributed firewall rules are used to control traffic between virtual machines within a logical network. NSX Intelligence can recommend new distributed firewall rules based on traffic patterns it observes in the network.
Security Service: Security services are used to protect virtual machines and networks from threats. NSX Intelligence can recommend new security services to be deployed based on traffic patterns it observes in the network.
Security Groups: Security groups are used to group virtual machines and networks together for security and management purposes. NSX Intelligence can recommend new security groups to be created based on traffic patterns it observes in the network.
1. context profiles are not an output from a recommendation session in NSX Intelligence. It is used to define the context of the network traffic that is being analyzed, such as the type of device, the network location, or the user.
2. gateway firewall rules are not an output from a recommendation session in NSX Intelligence. Gateway firewall rules are used to control traffic between logical networks, such as between a VLAN and a VXLAN, or between a logical network and the physical network.

Reference:

VMware NSX Intelligence documentation https://docs.vmware.com/en/VMware-NSX-T-Data- Center/3.1/com.vmware.nsxt.intelligence.doc/GUID-F2F1D7E8-F6B2-4870-9E Top of Form
Bottom of Form

Reveal Solution Next Question

Free 5V0-41.21 Exam Braindumps (page: 5)

QUESTION: 17

Explanation:

Reference:

QUESTION: 18

Explanation:

Reference:

QUESTION: 19

Explanation:

Reference:

QUESTION: 20

Explanation:

Reference: