Login
Login

Free VMware 2V0-41.24 Practice Test Questions 2026

Total 114 Questions |

Last Updated On : 7-Apr-2026


VMware NSX 4.X Professional V2

What are two valid options when configuring the scope of a distributed firewall rule? (Choose two.)



A. DFW


B. Tier-1 Gateway


C. Segment


D. Segment Port


E. Group





A.   DFW

E.   Group

Which two steps must an NSX administrator take to integrate VMware Identity Manager in NSX to support role-based access control? (Choose two.)



A. Create a SAML authentication in VMware Identity Manager using the NSX Manager FQDN.


B. Add NSX Manager as a Service Provider (SP) in VMware Identity Manager.


C. Enter the Identity Provider (IdP) metadata URL in NSX Manager.


D. Enter the service URL, Client Secret, and SSL thumbprint in NSX Manager.


E. Create an OAuth 2.0 client in VMware Identity Manager.





B.   Add NSX Manager as a Service Provider (SP) in VMware Identity Manager.

C.   Enter the Identity Provider (IdP) metadata URL in NSX Manager.

What are two supported host switch modes? (Choose two.)



A. Overlay Datapath


B. Secure Datapath


C. Standard Datapath


D. Enhanced Datapath


E. DPDK Datapath





C.   Standard Datapath

D.   Enhanced Datapath

Which two are requirements for FQDN Analysis? (Choose two.)



A. The NSX Edge nodes require access to the Internet to download category and reputation definitions.


B. ESXi control panel requires access to the Internet to download category and reputation definitions.


C. The NSX Manager requires access to the Internet to download category and reputation definitions.


D. A layer 7 gateway firewall rule must be configured on the Tier-1 gateway uplink.


E. A layer 7 gateway firewall rule must be configured on the Tier-0 gateway uplink.





A.   The NSX Edge nodes require access to the Internet to download category and reputation definitions.

D.   A layer 7 gateway firewall rule must be configured on the Tier-1 gateway uplink.

How does the Traceflow tool identify issues in a network?



A. Compares intended network state in the control plane with Tunnel End Point (TEP) keepalives in the data plane.


B. Compares the management plane configuration states containing control plane traffic and error reporting from transport node agents.


C. Injects ICMP traffic into the data plane and observes the results in the control plane.


D. Injects synthetic traffic into the data plane and observes the results in the control plane.





D.   Injects synthetic traffic into the data plane and observes the results in the control plane.

Which two statements are true for IPSec VPN? (Choose two.)



A. IPSec VPN services can be configured at Tier-0 and Tier-1 gateways.


B. Dynamic routing is supported for any IPSec mode in NSX.


C. IPSec VPNs use the DPDK accelerated performance library.


D. VPNs can be configured on the command line interface on the NSX manager.





A.   IPSec VPN services can be configured at Tier-0 and Tier-1 gateways.

C.   IPSec VPNs use the DPDK accelerated performance library.

Which statement is true about an alarm in a Suppressed state?



A. An alarm can be suppressed for a specific duration in hours.


B. An alarm can be suppressed for a specific duration in seconds.


C. An alarm can be suppressed for a specific duration in days.


D. An alarm can be suppressed for a specific duration in minutes





A.   An alarm can be suppressed for a specific duration in hours.

Refer to the exhibit.

An administrator would like to change the private IP address of the NAT VM 172.16.101.11 to a public address of 80.80.80.1 as the packets leave the NAT-Segment network.
Which type of NAT solution should be implemented to achieve this?



A. NAT64


B. Reflexive NAT


C. DNAT


D. SNAT





D.   SNAT

Page 2 out of 15 Pages
Next
12345
2V0-41.24 Practice Test Home

Copyright © - All Rights Reserved