New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

VMware 3V0-643 Advanced Deploy VMware NSX-T Data Center 3.X Exam Practice Test

Demo: 3 questions
Total 1 questions

Advanced Deploy VMware NSX-T Data Center 3.X Questions and Answers

Question 1

Configure the Layer 3 connectivity between the newly created Dev-segments by assigning them to a new DLR named Dev-DLR-NEW.

Requirements:

vCenter: vcsa-01a.corp.local

Ccredentials: administrator@vsphere.local . VMware1!

Default GW for Dev-subnets:

Dev-Web-Tier-01-NEW172.16.10.1/24

Dev-App-Tier-01-NEW172.16.20.1/24

Dev-DB-Tier-01-NEW172.16.30.1/24

DLR Settings:

DLR Name: Dev-DLR-NEW

Uplink IP Address: 192.168.6.5/30

Interface: Dev-Transit

Password: VMware1!WMware1!

Cluster: Management & Edge Cluster

  • Ensure east-west routing has been optimized.
  • The control plane failover should begin 15 seconds on logical switch HA-VXLAN.
  • Ensure secure shell is available.
  • Connect the Web, App and DB virtual machines to their respective dev tiers.
  • Dev-web-01, Dev-web-02a, Dev-web-04a
  • Dev-app-01a
  • Dev-db-01a

HOL LAB for Practice:

also deploy Distributed logical router DLR in the same way the lab.

Options:

Question 2

Create a backup of only the vDS portgroup the NSX controllers utilize along with the NSX Firewall configuration. Also, the security team had identified a missing security policy that needs to be added.

Requirements:

vCenter: vcsa-01a.corp.local

Credentials: administrator@vsphere.local / VMware1!

Components to backup:

  • vDS Portgroup that the controllers utilize.
  • NSX Firewall configuration.
  • Backup file name: vdsPortGroup-backup-NEW.zip, nsxfw-backup-NEW.xml
  • Backup file location: Desktop of the ControlCenter.

Security Policy:

File to import: sec-policy-blueprint located on the desktop of the ControlCenter.

  • Backup only the vDS portgroup that the NSX Controllers utilize.
  • Backup the NSX Firewall configuration.
  • Import the sec-policy.blueprint file

Ensure requirements are met.

HOL LAB for Practice:

Options:

Question 3

In the Dev environment, you have the application and database servers on separate networks created previously. Configure inbound only network security to allow only Dev application servers access to Dev database servers using MYSQL service port.

Requirements:

vCenter: vcsa-01a.corp.local

Credentials: administrator@vsphere.local / VMware1!

Service Port: MYSQL

Networks: Dev-App-Tier-01-NEW and Dev-DB-Tier-01-NEW

Credentials for Dev VMs: root / VMware1!

  • This rule should be in its own “DB security-NEW” section.
  • Ensure inbound only network security allows Dev application servers access to Dev database servers.
  • This rule should not be prpogated to all NSX prepared clusters.
  • This rule should be created in a way that any new virtual machines on App and DB segments will be secured.
  • This rule should be created with the fewest rule(s) possible.
  • All other servers should be denied.

Ensure inbound security requirements are met.

HOL LAB for Practice:

Options:

Demo: 3 questions
Total 1 questions