In which VPN type are Virtual Tunnel Interfaces (VTI) used?
Correct Answer:D
Virtual Tunnel Interfaces (VTI) are used in route-based VPNs. In this type of VPN, the tunnel is treated like a regular interface on the router. This allows for the configuration of routing protocols and the application of routing decisions to the traffic flowing through the VPN tunnel. VTIs simplify the management of routing and make it more flexible in VPN scenarios.
Which two of the following will be used for ingress traffic on the Edge node supporting a Single Tier topology? (Choose two.)
Correct Answer:AB
Tier-1 SR Router Port: This port is used for ingress traffic on the Tier-1 Service Router (SR), which handles traffic as it enters the Tier-1 gateway.
Which three of the following describe the Border Gateway Routing Protocol (BGP) configuration on a Tier-0 Gateway? (Choose three.)
Correct Answer:ABE
It supports a 4-byte autonomous system number: BGP on a Tier-0 Gateway supports 4-byte AS (Autonomous System) numbers, which are necessary for larger routing domains.
Can be used as an Exterior Gateway Protocol: BGP is commonly used as an Exterior Gateway Protocol to establish routing between different autonomous systems (AS).
BGP is enabled by default: On a Tier-0 Gateway, BGP is typically enabled by default, allowing administrators to configure it for external routing.
Which two choices are use cases for Distributed Intrusion Detection? (Choose two.)
Correct Answer:BE
According to the VMware NSX Documentation, these are two of the use cases for Distributed Intrusion Detection, which is a feature of NSX Network Detection and Response:
• Quarantine workloads based on vulnerabilities: You can use Distributed Intrusion Detection to detect vulnerabilities in your workloads and apply quarantine actions to isolate them from the network until they are remediated.
• Identify security vulnerabilities in the workloads: You can use Distributed Intrusion Detection to scan your workloads for known vulnerabilities and generate reports that show the severity, impact, and remediation steps for each vulnerability.
Which three NSX Edge components are used for North-South Malware Prevention? (Choose three.)
Correct Answer:BCD
https://docs.vmware.com/en/VMware-NSX/4.1/administration/GUID-69DF70C2-1769-4858-97E7-B757CAED08F0.html#:~:text=On%20the%20north%2Dsouth%20traffic,Guest%20Introspection%20(GI)%20platform.
The main components on the edge node for north-south malware prevention perform the following functions:
• IDS/IPS engine: Extracts files and relays events and data to the security hub. North-south malware prevention uses the file extraction features of the IDS/IPS engine that runs on NSX Edge for north-south traffic.
• Security hub: Collects file events, obtains verdicts for known files, sends files for local and cloud-based analysis, and sends information to the security analyzer
• RAPID: Provides local analysis of the file
• ASDS Cache: Caches reputation and verdicts of known files
Which three protocols could an NSX administrator use to transfer log messages to a remote log server? (Choose three.)
Correct Answer:CDF
Both TCP and UDP are commonly used protocols for transferring log messages in syslog configurations. TCP is preferred when reliability is needed, while UDP is used for faster, connectionless transmission.
TLS can be used to secure the log messages being sent over TCP, ensuring encrypted transmission to the remote log server.