VMware

VMware vDefend Security for VCF 5.x Administrator

6V0-21.25

The 6V0-21.25 exam tests your skills in VMware vDefend Security for VCF.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 151–160 of 200

Q151

Which service provides automated compliance checks for VCF?

  • A VMware CloudHealth
  • B VMware vRealize Operations
  • C VMware vSphere Update Manager
  • D VMware vRealize Automation
Explanation VMware CloudHealth automates compliance checks, while others focus on resource management or automation.
Q152

You are configuring a vDefend policy for network segmentation. Which rule must be included for effective isolation?

  • A Allow all traffic
  • B Deny all traffic
  • C Allow traffic from specific IPs
  • D Permit traffic to external DNS
Explanation Denying all traffic is essential to ensure strict isolation unless exceptions are specifically defined.
Q153

What happens when a workload is initiated with an expired security policy in VCF?

  • A Workload fails to deploy
  • B Workload deploys with reduced features
  • C Workload operates normally
  • D Workload is deployed, but logged as a warning
Explanation An expired security policy prevents any new deployments to ensure compliance and security standards are met.
Q154

Which service is primarily responsible for managing virtual machine lifecycle in VMware Cloud Foundation?

  • A vSphere Lifecycle Manager
  • B vSan Operations
  • C NSX Intelligence
  • D vRealize Operations
Explanation vSphere Lifecycle Manager automates the VM lifecycle management, while other services have different focuses.
Q155

A company needs to ensure that their cloud infrastructure can quickly recover in case of a local disaster. Which VMware feature should they implement?

  • A VMware High Availability
  • B VMware DRS
  • C VMware vMotion
  • D VMware NSX
Explanation VMware High Availability protects against hardware failures, unlike DRS and NSX which serve different purposes.
Q156

You are configuring network policies in NSX. What happens when a security rule is set to allow traffic based on tag but the tag is removed?

  • A Traffic is still allowed
  • B Traffic is denied
  • C Rule remains active
  • D Logs traffic activity only
Explanation Removing the tag denies traffic as the rule’s condition is no longer met, while the other options are untrue in this context.
Q157

Which service provides identity management in VCF?

  • A VMware Identity Manager
  • B vSphere Client
  • C NSX-T Data Center
  • D vRealize Operations
Explanation VMware Identity Manager manages user identities; the others serve different roles.
Q158

A company needs to secure its virtual machines using micro-segmentation. What should they implement?

  • A vSphere Replication
  • B NSX Distributed Firewall
  • C vSAN Storage Policies
  • D Content Library
Explanation NSX Distributed Firewall provides network micro-segmentation, while other options do not.
Q159

You are configuring a workload domain in VCF. What is a requirement for its deployment?

  • A 10 Gbps network required
  • B Single vCenter Server prior
  • C Separate physical servers needed
  • D Shared storage is mandatory
Explanation A single vCenter Server is necessary; the others are not mandatory requirements.
Q160

Which service manages encryption keys in VCF?

  • A VMware vSphere Encryption
  • B VMware Cloud Director
  • C VMware Key Management Server
  • D VMware NSX Manager
Explanation VMware Key Management Server provides key management, while others do not.