[Free] 2018(Jan) EnsurePass Testinsides VMware VCAN610 Dumps with VCE and PDF 11-20

By | January 25, 2018

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan VMware Official New Released VCAN610
100% Free Download! 100% Pass Guaranteed!

VMware Certified Associate- Network Virtualization

Question No: 11

An administrator has deployed and powered on a new virtual machine configured to get its networking information via DHCP. The virtual machine is connected to an NSX network and connectivity has been verified. After reconfiguring the virtual machine with a static IP address, network connectivity is lost.

Which statement explains what happened?

  1. SpoofGuard is disabled

  2. SpoofGuard is enabled and the operation mode is set to automatic

  3. SpoofGuard is enabled and the operation mode is set to manual

  4. SpoofGuard is enabled but not configured

Answer: B

Question No: 12

An NSX Edge Service Gateway has two interfaces:

  • Internal interface named Internal Access

    – IP address =

    – Network mask =

  • Uplink interface named Physical Uplink

– IP address =

– Network mask =

A vSphere administrator wants to add a SNAT rule to allow traffic from the internal network segment to access external resources via the uplink interface.

Which three steps should the vSphere administrator do to add the SNAT rule? (Choose three)

  1. Apply the SNAT rule to the Internal Access interface.

  2. Select as the translated source IP.

  3. Apply the SNAT rule on the Physical Uplink interface.

  4. Select as the original subnet.

  5. Choose as the translated source IP.

Answer: C,D,E

Question No: 13

A company has augmented its Data Center infrastructure by using vCloud Hybrid Service during peak hours. The company wants to extend their existing subnets into the cloud while workloads retain their existing IP addresses. The virtual machines in these subnets use an

NSX Edge Gateway as their default gateway.

Which solution should this company use?

  1. Layer 2 VPN


  3. IPSec VPN

  4. SSL VPN

Answer: A

Question No: 14

An administrator wishes to control traffic flow between two virtual machines. The virtual machines are in the same subnet, but are located on separate ESXi hosts.

The administrator deploys an Edge Firewall to one of the hosts and verifies the default firewall rule is set to deny, but the two virtual machines can still communicate with each other.

What task will correct this issue?

  1. Configure both ESXi host firewalls to deny traffic from the virtual machine on the other host.

  2. Deploy another Edge Firewall on the host running the second virtual machine.

  3. Remove any other firewall appliances that may exist on either of the ESXi hosts.

  4. Deploy a Distributed Firewall with firewall rules to prevent traffic between the virtual machines.

Answer: D

Question No: 15

Which option shows an advantage of implementing logical firewalls in NSX?

  1. NSX allows segmentation of virtual machines based upon VM names or user identity.

  2. NSX provides traffic forwarding between layer 2 broadcast domains.

  3. NSX allows virtual machine traffic to follow multiple paths to a specific destination.

  4. NSX provides the ability to provide IPv4 and IPv6 dual stack configuration.

Answer: A

Question No: 16

An administrator has deployed NSX within the vSphere environment, but is unable to deploy an NSX Controller. What step must be taken to resolve the issue?

  1. Register the third-party security service device or virtual appliance with NSX Manager

  2. Deploy a distributed router and enable the High Availability option.

  3. On the NSX Manager, select Enable multicast addressing and complete the configuration.

  4. Define a data security group for all deployed virtual machine groups.

Answer: C

Question No: 17

A user needs to be given the ability to make configuration changes on a specific NSX Edge device. What role and scope could be used to meet this requirement?

  1. NSX Administrator role and Limit Access scope

  2. Security Administrator role and Limit Access scope

  3. NSX Administrator role and No restriction scope

  4. Security Administrator role and No restriction scope

Answer: B

Question No: 18

Which tool is used to detect rogue services?

  1. NSX Logical Firewall

  2. NSX Logical Router

  3. Activity Monitoring

  4. Flow Monitoring

Answer: D

Question No: 19

You are tasked with designing a data center architecture that should maximize the use of vMotion within your environment. You must use these VMware best practices:

->The network must utilize widely offered layer 2 switching and layer 3 switching services

->Purchase of new equipment should be minimized

Which two network design architectures will provide the requirements for vMotion in your data center? (Choose two.)

  1. Utilize layer 3 switching from the access layer through the core.

  2. Employ layer 2 multipathing using a standardized protocol.

  3. Deploy a flat, traditional layer 2 switched network.

  4. Deploy an overlay technology for the deployment of your virtual network.

Answer: A,D

Question No: 20

How does NSX simplify physical network design?

  1. VLANs are moved into the virtual network for virtual machine traffic, eliminating the need to use PVLANs on the physical network.

  2. Network administrators only need to configure routing on the physical network for virtual machine traffic since all other network functions are moved to the virtual network.

  3. Transport zones are created in the virtual network for virtual machine traffic, removing the need to make changes to the physical network.

  4. Virtual network integration can make changes to the physical network programmatically using REST API calls which automates network changes and increases agility.

Answer: C

100% Ensurepass Free Download!
Download Free Demo:VCAN610 Demo PDF
100% Ensurepass Free Guaranteed!
VCAN610 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.