ExamTopics Logo
Mail Us[email protected]
Menu
Vmware Discussions
exam questions

Exam 2V0-31.19 All Questions

View all questions & answers for the 2V0-31.19 exam
Go to Exam

Exam 2V0-31.19 topic 1 question 23 discussion

Actual exam question from VMware's 2V0-31.19
Question #: 23
Topic #: 1
[All 2V0-31.19 Questions]

An architect is designing a machine blueprint containing web, application and database servers utilizing NSX-T for networking. Upon provisioning, network traffic must be automatically restricted to allow the web server to communicate only with the application server, the application server to communicate with both the web and database servers, and the database server to be blocked from communicating with the other servers.
Which methods can be used to accomplish this?

  • A. Add an appropriate security group to the blueprint from within the Blueprint Properties, under NSX Settings.
  • B. Specify an appropriate NSX-T Existing Network and Security (NS) Group in the blueprint and assign it to each machine.
  • C. Create or update an appropriate security group within NSX-T to include the provisioned machines.
  • D. Assign an appropriate security group to the entitled items or entitled service with the entitlement.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Mig at June 14, 2020, 4:23 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jasonv
4 years, 11 months ago
NSX-T NS security groups are managed outside of vRealize Automation in the NSX-T application. For information about managing NS Groups, see the NSX-T product documentation.
upvoted 1 times
...
jasonv
4 years, 11 months ago
mmmm i think that B is correct, there is no way that with one security group you can segment the application as requested, you need to create different security groups, add the dfw rules and then add the vms to the security groups during workflow , so i'll go with B
upvoted 1 times
...
Mig
5 years ago
C - correct answer I am sorry I change my mind :-) You need to create a new SG or update existing one.
upvoted 2 times
kishank
4 years, 9 months ago
I agree with the reference to the lab. The lab already had three security groups configured in NSX-T which were dropped on the blueprint and associated with appropriate VM's. B is still the appropriate answer in my opinion. I'm writing the exam in a couple of hours and would be going with B.
upvoted 1 times
...
...
Mig
5 years ago
B URL => NSX 3 Tier => https://pasteboard.co/Jd4wFJ8.jpg
upvoted 1 times
...
Mig
5 years ago
B The question remembered me activities in Lab 20. Lab 20 Integrating NSX Data Center for vSphere - vRealize v7.6 - ICM course.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel