VMware 2v0-81-20 practice test

Professional VMware Security Exam

Last exam update: Feb 14 ,2024
Page 1 out of 5. Viewing questions 1-15 out of 70

Question 1

An administrator has added a new ESXi host to a vCenter Server Cluster with NSX-T Data Center
already working. The administrator installed NSX-T Data Center components in the new ESXi. When
the administrator deploys a new VM in the host, connectivity tests good with ping, but SSH session
traffic is erratic. The VDS and NSX-T Data Center configuration is the same as each ESXI in the Cluster,
but only VMs in the new ESXI are having problems.
What should the administrator do to address the problem?

  • A. Verify VLAN connection in each physical uplink.
  • B. Verify MTU configuration in each physical uplink.
  • C. Change VDS MTU to 1500 in each physical uplink.
  • D. Change VDS MTU to 2000 in each physical uplink.
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/nsxt_30_install.pdf
(144)

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Where in the NSX UI does an administrator deploy NSX Intelligence?

  • A. Go to Plan & Troubleshoot > Configuration > ADD NSX INTELLIGENCE APPLIANCE
  • B. Go to Security > Configuration > Appliances > ADD NSX INTELLIGENCE APPLIANCE
  • C. Go to System > Configuration > Appliances > ADD NSX INTELLIGENCE APPLIANCE
  • D. Go to Home > Configuration > Appliances > ADD NSX INTELLIGENCE APPLIANCE
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-NSX-Intelligence/1.2/installation/GUID-45906AC9-7FD7-441E-83F9-E83CC68E8148.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

What is the number of NSX managers that can be deployed in a NSX-T Data Center production
environment?

  • A. a single NSX Manager and three NSX Controllers
  • B. a NSX Management Cluster of three Managers and a NSX Controllers Cluster of three Controllers
  • C. a single NSX Management Cluster of three Managers which includes the NSX Controller function
  • D. a single NSX Manager and a single NSX Controller
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://virtualg.uk/how-to-install-nsx-t-manager-3-
x/#:~:text=Recall%20that%203%20NSX%20Managers,not%20require%20a%20supported%20configu
ration

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Users on iOS and Android devices are being prompted for their credentials when accessing an
application protected by Workspace ONE Access.
The current configuration includes:
Workspace ONE UEM is integrated with Workspace ONE Access
Workspace ONE UEM has a Certificate Authority configured
Single sign-on has been enabled through device profiles
What authentication method can be used to allow iOS and Android devices to launch an application
without being prompted for credentials?

  • A. TRUESSO
  • B. Kerberos
  • C. Mobile SSO
  • D. Windows SSO
  • E. OKTA
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Reference:
https://darrylmiles.blog/2019/03/16/setting-up-workspace-one-single-sign-on-sso-and-
conditional-access/

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 5

When creating a compliance policy in Workspace ONE UEM, which three of the following options are
valid Notify actions? (Choose three.)

  • A. Send SMS to Device
  • B. Send Push Notification to Device
  • C. Voice Call to User
  • D. Send Email to User
  • E. SMS to Manager
Answer:

A, B, D

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%

Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/UEM_Managing_Devices/GUID-CompliancePolicies.html

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 6

An administrator has created a security policy from the NSX UI, but the firewall rules are not being
applied to the traffic in the datapath.
Which two actions could be carried out by the administrator to resolve the problem? (Choose two.)

  • A. Modify the Direction of the rules in the security policy.
  • B. Modify the Action of the rules in the security policy.
  • C. Restart the workloads running on the impacted hosts.
  • D. Modify the Applied To field of the security policy.
  • E. Restart the nsx-proxy agent on the impacted hosts.
Answer:

B, C

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 7

When creating an NSX-T Data Center Firewall rule to prevent all communication between same
scope objects, what must be true of the first firewall rule?

  • A. The port will be 443.
  • B. The logging would be on.
  • C. The source and destination are the same.
  • D. The firewall action would be rejected.
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

What is used to establish trust with an identity provider in Workspace ONE Access?

  • A. SAML Attribute
  • B. SAML Metadata
  • C. SAML Context
  • D. SAML Request
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-Access/20.01/ws1_access_authentication/GUID-0C459D5A-A0FF-4893-87A0-10ADDC4E1B8D.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

In a Workspace ONE environment, what is the maximum number of days a Windows Feature Update
(Windows 10 1703 and above) can be deferred?

  • A. 7
  • B. 90
  • C. 365
  • D. 30
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2011/Windows_Desktop_Device_Management/GUID-AWT-PROFILE-WAU-CONFIGWD.html#:~:text=The%20maximum%20number%20of%20days,defer%20up%20to%20365%
20days

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

A company has just implemented new security guidelines in regards to device management. All iOS
devices must now require a passcode to unlock the device.
An administrator must implement these requirements:
all iOS devices must have a passcode
minimum passcode length of 6 numerals
auto-lock after 2 minutes
What type of profile in Workspace ONE UEM would the administrator create to accomplish this task?

  • A. Compliance Profile
  • B. User Profile
  • C. Device Profile
  • D. Access Profile
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/iOS_Platform/GUID-DeviceMgmtOverview.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

In an NSX-T Data Center deployment, micro-segmentation via security policies is accomplished using
which component?

  • A. NSX Bridge Firewall
  • B. NSX Gateway Firewall
  • C. NSX Logical Router
  • D. NSX Distributed Firewall
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://infohub.delltechnologies.com/l/vmware-cloud-foundation-on-dell-emc-
vxrail/vmware-sddc-vision-
6#:~:text=NSX%20micro%2Dsegmentation%20is%20a,all%20hosts%20in%20the%20environment

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which are two use cases for NSX Intelligence? (Choose two.)

  • A. Perform day 2 network operations and troubleshooting.
  • B. Provide end-to-end network visibility for physical, virtual, and third-party environments.
  • C. Identify security vulnerabilities and automatically quarantine affected workloads.
  • D. Gain insight about micro-segmentation traffic flows.
  • E. Simplify rule recommendation and deployment.
Answer:

C, D

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 13

As an IT administrator, you want to prevent users from launching a protected SaaS web application
when they are not connected to the internal LAN. The application is federated with Workspace ONE
Access.
What can be configured to prevent the application from launching?

  • A. Access Policy
  • B. IdP Response
  • C. SAML Attribute
  • D. Authentication Method
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-Access/19.03/com.vmware.wsp-resource/GUID-57B66680-A118-47DD-B3A3-81EAD6D6CAA7.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

In what order are NSX-T Distributed Firewall rules processed?

  • A. Top-to-bottom, left-to-right, finding a rule match the packet is processed per the rule and stops.
  • B. Left-to-right, top-to-bottom, finding a rule match the packet is processed per the rule and stops.
  • C. Left-to-right, top-to-bottom, finding a rule match the packet is processed per the rule and continues to next rule.
  • D. Top-to-bottom, left-to-right, finding a rule match the packet is processed per the rule and continues to next rule.
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.3/com.vmware.nsxt.admin.doc/GUID-22DF2616-8B3F-4E13-8116-B7501D2A8E6D.html

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

An administrator works for a company that supplies iOS devices to its employees. The administrator
is notified there is a security vulnerability with the latest version of iOS. The administrator must
prevent users from updating devices immediately. The administrator implements a device profile to
configure the updates payload and prevent the devices from detecting the update.
How long can devices be prevented from accessing the update from Apple?

  • A. 90 Days
  • B. 60 Days
  • C. 30 Days
  • D. 180 Days
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/iOS_Platform/GUID-OSMgmt.html

Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2