6V0-21.25 Online Practice Questions

Home / Broadcom / 6V0-21.25

Latest 6V0-21.25 Exam Practice Questions

The practice questions for 6V0-21.25 exam was last updated on 2025-12-31 .

Viewing page 1 out of 16 pages.

Viewing questions 1 out of 83 questions.

Question#1

A security administrator has been tasked with hardening the VCF environment. One of the requirements is to prevent attackers from using insecure protocols, like Telnet, for lateral movement. The administrator is not sure which VMs use Telnet, so they cannot create a simple 'Block' rule yet.
How can vDefend Security Intelligence be used to safely implement this policy?

A. Use Security Intelligence to create a policy recommendation that automatically blocks all Telnet traffic.
B. Use Security Intelligence to discover all active Telnet flows, identify the legitimate ones, and then create a 'Drop' rule for all *other* Telnet traffic.
C. Use Security Intelligence to enable NTA, which will behaviorally block all Telnet traffic as anomalous.
D. Use Security Intelligence to run a 'Traceflow' on port 23 to all VMs to see which ones respond.

Question#2

The vDefend Distributed Firewall (DFW) is configured with a default-deny policy, and this default rule is also being logged.
Task As the vDefend Administrator, describe the high-level steps you would take in the NSX Manager UI to provide this evidence to the auditor.

A. 

Question#3

A security operator is investigating a network connectivity issue using the NSX Edge CLI. They suspect that traffic is being dropped by the vDefend Gateway Firewall. The operator needs to see a log of all packets being processed by the firewall, including those that are dropped and the reason for the drop.
Which log file on the NSX Edge node should the operator monitor?

A. `/var/log/dfwpktlogs.log`
B. `/var/log/syslog`
C. `/var/log/firewallpkt.log`
D. `/var/log/vmware/guestIntrospectionHostAgent.log`

Question#4

A security team is in the process of responding to a ransomware attack. They have identified the compromised workloads and are using VMware Live Recovery to restore from a clean backup.
How can the vDefend Distributed Firewall (DFW) be used to support this recovery process? (Select all that apply.)

A. It can be used to isolate the recovery environment, preventing re-infection from the compromised network.
B. It automatically applies the firewall rules that were in place at the time of the backup.
C. It can block anomalous file movements to help protect against data exfiltration during the recovery.
D. It automatically initiates the vMotion of the restored VMs to a clean host.
E. It decrypts the ransomed files using a built-in key manager.

Question#5

A network administrator is configuring a vDefend Gateway Firewall on an NSX Edge node. They need to ensure that if a user attempts to connect to a blocked website over HTTPS, the user's browser receives a notification page instead of a simple connection timeout.
What must be configured for the Gateway Firewall to present this custom response page for HTTPS traffic?

A. A Gateway Firewall rule with action 'Reject'.
B. TLS Inspection.
C. An L7 Access Profile with action 'Reject with Response'.
D. A Distributed Firewall rule with action 'Reject'.

Exam Code: 6V0-21.25Q & A: 241 Q&AsUpdated:  2025-12-31

 Get All 6V0-21.25 Q&As

Top 20 Exams

CertQuestionsBank doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All CertQuestionsBank content is sourced from the Internet.

Important Links

Know Us

Follow Us

Copyright © 2026 CertQuestionsBank NETWORK CO.,LIMITED. All Rights Reserved.