Network security is a major concern for your customer, and you have to ensure your design will adequately protect confidential data from within your network and be able to meet the regulatory compliance requirements of your customer’s business. Which VMware security management product would be best suited for this task? Choose one.

 

A:

VMware Platform Security

vShield App

vShield Endpoint

vShield Edge

You have developed a virtual network design that makes use of standard virtual switches with four uplinks teamed using Route based on IP hash. During testing you find that some virtual machine traffic is failing to reach its destination but this is not consistent. Which of the following items should you check to ensure that the environment is configured correctly for this type of load balancing? Choose two.  A:

Ensure that the physical ports on the switches are configured to use LACPEnsure that the physical ports on the switches are configured to use static EtherchannelEnsure that the physical uplinks are not connected to separate physical switches that are not stackedEnsure that the physical uplinks are all connected to a single physical switch

Your customer has a datacenter where each ESXi host can have only a limited number of physical uplinks. Under normal operation, each virtual network will have two uplinks, but there is not enough capacity to dedicate standby NICs to handle failures. You want to ensure that each virtual network will always use its own dedicated uplinks but that during NIC, link or physical switch failures the uplinks from other virtual networks can be used. Which specific Failover Policies allow you to manage which uplinks are used during and after failures? Choose two.  A:

Network Failure Detection

Notify Switches

Failover Order

Failback

Following some reconfiguration work on the virtual network configuration of your customer’s vSphere 5.1 hosts, network traffic has suddenly stopped for one segment of the network. Monitoring the physical switch shows that all packets of data from that segment are either being dropped or the router is responding with messages indicating TTL’s have been exceeded. Which of the following items are most likely to be the cause of this issue? Choose two.

 

A:

The port group name is incorrect

The VLAN ID is wrong for that segment

The MTU is incorrect

The Uplink (vmnic) has failed

The Cable between the physical switch and physical uplink (vmnic) has failed and beacon packets are causing a broadcast storm

Your customer has a test vSphere environment with vCenter Foundation and three ESXi hosts running vSphere 5.1 Enterprise Edition. They have standardized on Cisco network equipment in their environment and have been trying to install a Cisco Nexus 1000V virtual Switch. They have tried to import the virtual switch appliance but this has failed. Why are they unable to install this appliance? Choose one.  A:

Their ESXi Enterprise Edition license does not support Distributed Virtual SwitchesThey need to acquire a Cisco virtual appliance license before importing the applianceThey need to configure vCenter the Cisco vSwitch plugin before trying to import the applianceTheir vCenter Foundation license does not support Distributed Virtual Switches

You have been tasked with updating the virtual networking design for a growing virtual infrastructure. You are restricted to a fixed set of IP addresses and, while you are successfully using subnets and VLANs to segregate traffic today, these will not be sufficient to handle the expected growth. Which two VMware technologies should you consider in order to help deal with the expected growth? Choose two.  A:

PVLAN

NIOC

VXLAN

LACP

 

You are tasked with configuring the network connections (virtual switches, physical uplinks and port groups) for multiple ESXi hosts. You could manually configure each host which would be time-consuming and could potentially introduce errors. You elect to configure one host correctly and then extract these settings and apply them to the new hosts. Which vSphere 5.1 feature should you use to do this? Choose one.

 A:

vSphere Host Profiles

vSphere Management Assistant

vSphere Host Templates

VMware Tools

You have implemented Distributed vSwitches (DVS) for all virtual networking in a customer’s virtual environment. What will happen if vCenter becomes unavailable? Choose one.  A:

All network configurations would immediately be lost and all network activity would stop – vCenter should be protected with VMware Fault Tolerance if you are using distributed vSwitchesNetwork activity will stop for a few minutes but HA will restart vCenter and everything will return to normalVirtual Machine and VMKernel network traffic works normally but you cannot manage or reconfigure the dvSwitch(es) until vCenter is recoveredvSphere automatically migrates all virtual machines over to Standard vSwitches and everything continues to work as normal with no downtime.

 

You suspect that poor network performance in a vSphere environment that you support is being caused by an incorrect switch configuration. You have implemented a centralized network configuration using Distributed vSwitches (version 5.1) throughout. What feature of these dvSwitches could you use to ascertain the cause of the problem? Choose one.

 A:

Network Teaming Analysis

Network Monitoring

dvSwitches do not have any features that allow this.

Network Health Check

You are designing a virtual network environment that will make use of PVLANS to create to create a DMZ. Your PVLAN design has a Primary PVLAN 100 that is promiscuous, a secondary promiscuous PVLAN 101, secondary isolated PVLANs 105 & 106 and secondary community PVLANs 125 &126. You have an application that must be deployed in the DMZ that requires two servers that must be able to communicate with each other but must be isolated from all other systems in the DMZ. Which PVLANs can be used for these VMs? Choose two.

 

A:

101

105

106

125

126

Virtual Machines connected to the same port group allow internal network communication. Virtual machines on different port groups cannot communicate internally, they have to access the physical network and be re-routed. True or False? Choose the correct answer:  A:

True – Port groups do not allow bridging or routing internally

False – You can allow internal network communication, but you must enable this feature at the switch policy level

With the release of VMware vCloud Networking and Security 5.1, some vShield functionality has been integrated into the VMware vSphere 5.1platform. Which of the following vShield components are included in VMware vCloud Networking for Security Advanced edition but are not present in the Standard Edition? Choose one.

 A:

vShield App

vShield Edge

vShield Endpoint

vShield Zones

You have just carried out a migration of a physical server to a virtual machine. The server hosts an application which used the MAC address of the original physical server network adapter as part of the application licensing parameters. The application will not start after the migration reporting an error with its license key. What should you advise your customer to do to resolve this?: Choose one.  A:

Obtain a new license key from the Application supplier (or agent) using the MAC address of the virtual NIC in the new application server VMObtain a new license key from the Application supplier (or agent) using the MAC address of any physical NIC used for VM traffic in the ESXi hostRemove the original network adapter from the old physical server and install it in your ESXi Host as an uplink NIC for vSwitch used by the VMUpgrade to Enterprise Licenses for the ESXi hosts in order to enable MAC address spoofing on the vSwitch used by the application VM

You are working on a design where the customer has specified that network uplink failures that are caused by physical switch configuration errors must be detected by vSphere and trigger a virtual switch uplink failover. Which network policy must you

configure to support this? Choose one.  A:

Beacon Probing

Link Status

Notify Switches

Failover Order

The ESXi hosts that you will be using in a new vSphere cluster will be configured with 2 x 10Gb Ethernet NICs. Which vSphere technologies must you select in order to ensure that you can allocate and control network bandwidth for the Management, IP Storage, vMotion, vSphere Replication and Virtual Machine networks that you need to implement? Choose two.  A:

Distributed Virtual SwitchesNetwork I/O ControlLink Aggregation Control

Flow control

 

You are working on a virtual network and realize that network uplink bandwidth utilization is very high and key systems are being impacted. You wish to ensure that no single process can use all of the available bandwidth. Which networking feature of Network I/O Control (NIOC) would you configure to ensure this? Choose one.

 A:

Isolation

Limits

Reservations

Shares

Your customer is concerned that their dvSwitch configuration is very complex and they are concerned that in a disaster recovery situation they have to manually reconstruct their dvSwitch configurations. Which of the following procedures should you advise your customer to follow to ensure they can recover from a corrupted dvSwitch configuration? Choose one.  A:

They should use a Third Party backup solution to back up their ESXi host network configurationThey can back up the configuration of each Distributed Virtual Switch from within the Distributed Virtual Switch itselfThey must ensure that all configuration settings are fully documentedThey can use the VMware Data Protection Appliance to back up

their ESXi host configurations, including the distributed vSwitchesThey can access the ESXi console and backup the network settings from there

Your networking team has designed a script to automate the deployment of virtual switches for Datacenter hosts. The interactive script requires input indicating which uplinks to use, the port group type, the port group name, and the number of ports required. You need to deploy a small virtual switch so you run the “Create New vSwitch Script”. You supply all the requested information and you enter the number 48 as the number of virtual ports required. When you open the GUI interface to check the successful deployment of this switch you discover that the switch only appears to have 40 available ports. Why is this? Choose one.  A:

The maximum number of ports that can be configured via script is 40.The vSphere client interface always displays the default number of ports when a vSwitch is initialized.It is not possible to create a vSwitch with a non-standard number of ports; this number must be changed after the switch has been created.Eight ports are always reserved for management purposes by the ESXi Hypervisor

You are designing a vSphere environment that will have to support NAS Storage. The storage team has already physically connected the storage units to the network. What specific network feature must you specify for each host to ensure that the storage will be available for use? Choose one.

 

A:

Configure the virtual switch and vmkernel port to support Jumbo FramesConfigure the MTU on the virtual switch to be 9000 bytesInstall the vendor’s NAS/NFS

vSphere pluginAdd a vmkernel port with an IP address that can access the NAS storage

 A customer would like to centralize the management of all network configurations for all hosts. Which VMware license type will they require, and which type of network switches will they be configuring? Choose one.

 A:

VMware Enterprise Edition, and Distributed vSwitches

VMware Enterprise Plus Edition, and Standard vSwitches

VMware Enterprise Plus Edition, and Distributed vSwitches

VMware Enterprise Edition, and Standard vSwitches

A customer is experiencing poor network performance and you have identified that network uplink bandwidth is insufficient for the demand on their ESXi hosts. There are unused physical network adapters in each of your hosts and the physical switches support NIC teaming. You tell the customer that the unused adapters on each host should be configured as additional uplinks for the production standard vSwitch. Which of the following teaming policies are valid choices for the uplink NIC teaming policy for the vSwitch uplinks? Choose three.

 A:

Route based on Originating Port ID

Load-based teaming

Route based on IP Hash

Route based on Source MAC Hash

Route based on PVLAN ID

There are two types of connections you can add to virtual switches – virtual machine port groups and vmkernel ports. Which of the functions listed below require appropriately configured VMKernel ports? Choose three.  A:

Fault ToleranceNetwork IO Control

vMotion

IP Storage

High Availability