VMware 6V0-21.25 시험

Question No : 1

An administrator is investigating why a Windows VM, which is part of a cluster enabled for vDefend Malware Prevention, is not generating any file events. The administrator has confirmed the DFW policy and Malware Prevention profile are correctly applied.
Which of the following would prevent the Malware Prevention service from functioning on this specific VM? (Choose 2.)

• A.The VM's `Applied To` setting is missing from the Gateway Firewall.
• B.The "NSX File Introspection Driver" was not included during the VMware Tools installation on the V
• C.The "VMCI Driver" is disabled or not installed in VMware Tools on the V
• D.The NSX Manager is unable to communicate with the Security Services Platform (SSP).
• E.The VM is powered off.

답을 확인하기

정답:

Question No : 2

An auditor is reviewing a vDefend Malware Prevention profile to understand how it handles new, unknown threats.
They see the following setting configured in the profile:
File Status: Unknown
On-Access File-Write Action: Cloud File Analysis
What does this configuration instruct the vDefend platform to do?

• A.Block the file write, as "Unknown" is treated as malicious by default.
• B.Allow the file write and send a copy of the file to the vDefend Advanced Threat Prevention Cloud for sandboxing.
• C.Send the file's hash to the local NSX Manager for reputation analysis.
• D.Quarantine the VM until an administrator manually inspects the file.

답을 확인하기

정답:

Question No : 3

What underlying VMware technology does vDefend Distributed Malware Prevention leverage to gain access to the file system operations within a guest virtual machine?

• A.vSphere Storage APIs
• B.VMware Tools Guest Introspection drivers
• C.Network Traffic Analysis (NTA)
• D.The NSX Edge appliance

답을 확인하기

정답:

Question No : 4

A security administrator is configuring a new vDefend Distributed Firewall policy. The policy is applied to a security group named `App-Servers`.
When configuring a rule within this policy, what happens if the administrator sets the rule's 'Applied To' field to a *different* group named `Web-Servers`?

• A.The rule's `Applied To` field (`Web-Servers`) will override the policy's `Applied To` field (`App-Servers`).
• B.The policy's `Applied To` field (`App-Servers`) will override the rule's `Applied To` field (`Web-Servers`).
• C.The rule will be applied to the intersection of both groups (VMs that are in both `App-Servers` AND `Web-Servers`).
• D.The configuration will be rejected with an API error.

답을 확인하기

정답:

Question No : 5

An IT Operations team is managing a VCF environment. As part of a disaster recovery (DR) test, they need to export the entire vDefend Distributed Firewall configuration from their primary site so it can be replicated to a DR site.
What is the correct method to export the *entire* DFW configuration, including all policies and rules?

• A.Navigate to `Security > Distributed Firewall` and use the `Actions > Export FW Configuration` option in the U
• B.Run the `get firewall <uuid> ruleset rules` command on every ESXi host and combine the output.
• C.Use vDefend Security Intelligence to generate a rule recommendation report and export it as CS
• D.Manually query the NSX Policy API for each policy and save the JSON responses.

답을 확인하기

정답:

Question No : 6

An administrator needs to make multiple, dependent changes via the NSX Policy API. The goal is to create two new groups (`app_vms`, `db_vms`) and a new security policy (`app_policy`) with a rule that uses these two new groups as the source and destination.
Which API method provides the most efficient and atomic way to create all of these objects in a single transaction?

• A.A series of `PUT` calls to their respective endpoints.
• B.A single `POST` call to the `/policy/api/v1/infra/domains/default/groups` endpoint.
• C.A single `PATCH` call to the `/policy/api/v1/infra` endpoint.
• D.A series of `POST` calls to their respective endpoints.

답을 확인하기

정답:

Question No : 7

A developer is writing a script to add a new security rule to an existing vDefend DFW policy named "App-Policy". The developer wants the new rule to be evaluated *before* all other rules currently in that policy.
How should the developer construct the API call to achieve this?

• A.Use a `POST` call and set the `sequence_number` to 0 in the payload.
• B.Use a `PATCH` call to the policy and add the rule to the top of the 'rules' array.
• C.Use a `PUT` call with the new rule payload and an `action=revise` parameter.
• D.Use a `POST` call with the new rule payload, omitting the `sequence_number`.

답을 확인하기

정답:

Question No : 8

A developer is using a script to query the NSX Manager for all security groups within the 'default' domain. The script makes the following API call: `GET https://nsx.corp.local/policy/api/v1/infra/domains/default/groups`
The JSON response includes a "cursor" field at the end.
What does the presence of this field indicate?

• A.The API call has failed and the cursor provides a token for troubleshooting.
• B.There are more results to retrieve, and a subsequent call must include this cursor value to get the next page of results.
• C.The query is complete and the cursor represents the total number of groups found.
• D.The API is rate-limiting the developer's script and the cursor indicates how long to wait before the next call.

답을 확인하기

정답:

Question No : 9

A DevOps engineer needs to programmatically create a new Distributed Firewall policy using the NSX Policy API. The policy should be named "api-policy" and be placed in the "Application" category.
Which API call and payload are correct for this action?

• A.`POST /policy/api/v1/infra/domains/default/security-policies/api-policy` Payload: { "description": "API-created policy", "display_name": "api-policy", "category": "Application" }
• B.`PUT /policy/api/v1/infra/domains/default/security-policies/api-policy` Payload: { "description": "API-created policy", "display_name": "api-policy", "category": "Application" }
• C.`PATCH /policy/api/v1/infra` Payload: { "resource_type": "SecurityPolicy", "id": "api-policy", "category": "Application" }
• D.`POST /policy/api/v1/infra/services/api-policy` Payload: { "description": "API-created policy", "display_name": "api-policy" }

답을 확인하기

정답:

Question No : 10

An IT Manager is reviewing the capabilities of the VMware vDefend Advanced Threat Prevention (ATP) suite. They want to understand how the different components work together to stop a multi-stage ransomware attack.
Which three of the following capabilities are part of the vDefend ATP solution? (Choose 3.)

• A.Network Sandboxing for zero-day malware analysis
• B.Signature-based Intrusion Detection/Prevention (IDS/IPS)
• C.Network Traffic Analysis (NTA) for behavioral anomaly detection
• D.Host-based Antivirus (AV) file scanning
• E.Web Application Firewall (WAF) for SQL injection

답을 확인하기

정답:

Question No : 11

A security administrator is configuring a vDefend Malware Prevention policy for a VCF cluster. The administrator wants to ensure that all guest VMs on the cluster are protected.
What component must be installed on the guest VMs to enable the Distributed Malware Prevention service to inspect files?

• A.The NSX Edge agent
• B.The vDefend Security Services Platform (SSP)
• C.The Guest Introspection thin agent
• D.The NSX Manager agent

답을 확인하기

정답:

Question No : 12

A security administrator is concerned about a new ransomware attack that is exploiting a known vulnerability (CVE-2025-1234) to spread between servers. The IT team is unable to patch the affected servers immediately.
How can the administrator use vDefend Advanced Threat Prevention to block this specific attack vector?

• A.Use Network Traffic Analysis (NTA) to block all traffic from the compromised VMs.
• B.Use Distributed IDS/IPS to apply a "virtual patch" by blocking the specific exploit signature.
• C.Use Malware Prevention to scan the server's hard drive for the ransomware executable.
• D.Use vDefend Security Intelligence to recommend a new micro-segmentation policy.

답을 확인하기

정답:

Question No : 13

An auditor is reviewing the vDefend Advanced Threat Prevention configuration. They want to know what types of files can be analyzed by the Gateway Malware Detection feature.
According to the documentation, which file types are analyzed by vDefend Gateway Malware Detection? (Select all that apply.)

• A.Unknown
• B.Benign
• C.Suspicious
• D.Encrypted
• E.Malicious

답을 확인하기

정답:

Question No : 14

A security administrator is configuring a vDefend Malware Prevention profile. The administrator wants to ensure that any file not recognized by local analysis is sent to the cloud for advanced analysis.
Which feature must be configured in the Malware Prevention profile to send unknown files to the advanced sandbox environment?

• A.Network Traffic Analysis (NTA)
• B.Cloud File Analysis
• C.Distributed IDS/IPS
• D.FQDN Filtering

답을 확인하기

정답:

Question No : 15

An organization is required to comply with PCI-DSS, which mandates protection against malware for all systems in the Cardholder Data Environment (CDE).
Which VMware vDefend feature is specifically designed to meet this requirement by safeguarding private cloud workloads against ransomware and malicious activity?

• A.vDefend Security Intelligence
• B.vDefend Distributed Firewall
• C.vDefend Malware Prevention
• D.vDefend Network Traffic Analysis (NTA)

답을 확인하기

정답: