VMware
VMware NSX 4.x Professional
Version: Demo
[ Total Questions: 10]
, Verified Questions and Answers VMware - 2V0-41.23
Question #:1
A company Is deploying NSX micro-segmentation in their vSphere environment to secure a simple application
composed of web. app, and database tiers.
The naming convention will be:
• WKS-WEB-SRV-XXX
• WKY-APP-SRR-XXX
• WKI-DB-SRR-XXX
What is the optimal way to group them to enforce security policies from NSX?
A. Use Edge as a firewall between tiers.
B. Do a service insertion to accomplish the task.
C. Group all by means of tags membership.
D. Create an Ethernet based security policy.
Answer: C
Explanation
The answer is C. Group all by means of tags membership.
Tags are metadata that can be applied to physical servers, virtual machines, logical ports, and logical segments
in NSX. Tags can be used for dynamic security group membership, which allows for granular and flexible
enforcement of security policies based on various criteria1
In the scenario, the company is deploying NSX micro-segmentation to secure a simple application composed
of web, app, and database tiers. The naming convention will be:
WKS-WEB-SRV-XXX
WKY-APP-SRR-XXX
WKI-DB-SRR-XXX
The optimal way to group them to enforce security policies from NSX is to use tags membership. For
example, the company can create three tags: Web, App, and DB, and assign them to the corresponding VMs
based on their names. Then, the company can create three security groups: Web-SG, App-SG, and DB-SG,
and use the tags as the membership criteria. Finally, the company can create and apply security policies to the
security groups based on the desired rules and actions2
Using tags membership has several advantages over the other options:
Updated Dumps | Pass 100% 1 of 10
VMware NSX 4.x Professional
Version: Demo
[ Total Questions: 10]
, Verified Questions and Answers VMware - 2V0-41.23
Question #:1
A company Is deploying NSX micro-segmentation in their vSphere environment to secure a simple application
composed of web. app, and database tiers.
The naming convention will be:
• WKS-WEB-SRV-XXX
• WKY-APP-SRR-XXX
• WKI-DB-SRR-XXX
What is the optimal way to group them to enforce security policies from NSX?
A. Use Edge as a firewall between tiers.
B. Do a service insertion to accomplish the task.
C. Group all by means of tags membership.
D. Create an Ethernet based security policy.
Answer: C
Explanation
The answer is C. Group all by means of tags membership.
Tags are metadata that can be applied to physical servers, virtual machines, logical ports, and logical segments
in NSX. Tags can be used for dynamic security group membership, which allows for granular and flexible
enforcement of security policies based on various criteria1
In the scenario, the company is deploying NSX micro-segmentation to secure a simple application composed
of web, app, and database tiers. The naming convention will be:
WKS-WEB-SRV-XXX
WKY-APP-SRR-XXX
WKI-DB-SRR-XXX
The optimal way to group them to enforce security policies from NSX is to use tags membership. For
example, the company can create three tags: Web, App, and DB, and assign them to the corresponding VMs
based on their names. Then, the company can create three security groups: Web-SG, App-SG, and DB-SG,
and use the tags as the membership criteria. Finally, the company can create and apply security policies to the
security groups based on the desired rules and actions2
Using tags membership has several advantages over the other options:
Updated Dumps | Pass 100% 1 of 10