5V0-42.21 Online Practice Questions and Answers

The VMware SD-WAN solution is comprised of Orchestrator, Gateway, and Edge. The architecture ensures separation and secure communication between the management, control, and data plane of the solution. The management plane consists of the VMware SD-WAN Orchestrator, and the control plane is comprised of the VMware SO-WAN Gateway/ Controller. Which statement correctly describes this situation?

A. VMware SD-WAN Edges/Gateways establishes a Transport Layer Security (TLS) 1 2 encrypted session to the VMware SU-WAN Orchestrator

B. To make the entire solution to work property, TCP port 443 and HOP port 500 and UDP port 4500 are required to open in the firewall rule, if Edge is deployed behind a Firewall.

C. There is impact on data plane when the Edge loses connectivity to the management plane. The operator only loses the visibility of the Edge from Orchestrator and cannot make configuration changes on the Edge until the management plane connectivity is resumed.

D. Traffic between VMware SD-WAN Edges and from VMware SD-WAN Edges to VMware SD-WAN Gateways uses VMware SD-WAN Management Protocol (VCMP) tunneling over User Datagram Protocol (UDP) port 2427. secured with Internet Protocol Security (IPSec)

A customer has deployed VMware SD_WAN solution An administrator asked to imported additional security for traffic going to internet without investigating in new hardware solutions.

A. Service chaining with DFW in NSX-V

B. Service chaining with Zscaler Cloud Security Service

C. Service chaining with DFW in NSX-1

D. Service chaining with AWS Cloud Security

A network administrator is concerned about an Edge that may be approaching its documented limit for the

number of simultaneous tunnels. The historical data showing the number of simultaneous tunnels over the

time needs to be checked.

Where can this historical data be found?

A. Connect to the Edge CLI via SSH, and /opt/vc/bin/debug-py- tunnel_count

B. In the Monitoring section for the Edge in question, navigate to the ''System'' tab.

C. In the Remote Diagnostics section of the UI, run the ''Total Counts dump'' test.

D. Use the SNMP manage poll the vcelHealthObject tree in the VELOCLOUD-EDGE-MIB

Which role(s) must be enable under Gateway configuration page to allow a VMware SD-WAN Gateway to build IPsec tunnels to non-VM SD-WAN?

A. Control Plane

B. Control Plane + Data Plane + Partner Gateway

C. Control Plane + Secure VPN Gateway

D. Control Plane + Data Plane + Secure VPN Gateway

A customer is migrating a branch site with a VMware SD-WAN Edge coexisting with the CE. The Edge will be connected to internet link directly while connecting to the CE via a Layer 3 LAN switch. MPLS underlay is the preferred path for communication from this site to branch sites that have no VMware SD-WAN Edges. Communication from this site to branch sites that have VMware SD-WAN Edges should go through overlay.

A. Use BGP as the rout.ng protocol on UK Edge and flag its BGP neighbor to the Layer 3 LAN switch as Uplink.

B. Use BGP as the routing protocol on the Edge and filter prefixes from CE using Uplink Community

C. Use BGP as the routing protocol on the Edge and flag its HGP neighbor to PE as Uplink.

D. Use BGP as the routine, protocol on the Edge and flag its BGP neighbor to GE as Uplink.

A customer is using hypervisor to install VMware Partner Gateways. Which two hypervisors may be used? (Choose two.)

A. Hyper-V

B. Kubermetes

C. XenServer

D. KVM

E. ESXi

Which statement is true about the VMware SD-WAN Gateway roles and assignments?

A. Primary Gateway cannot be used as Super gateway for Edge-to-Edge communication, even it all the Edges have a common Primary gateway

B. The SD-WAN Orchestrator assigns the Gateways to the Edge automatically when it comes up based Oil (lie location of the Edge Branch-to-branch will choose the right Gateway automatically

C. If the Primary Gateway goes down. Cloud internet traffic would failover to Secondary gateway automatically

D. The Primarily and Secondary Gateways share the load fur both internet traffic and VPN traffic

Which feature is required to prevent a split-brain condition for a branch in an Enhanced HA

A. Split Brain Detection

B. SD-WAN Service Reachable on the private overlay

C. Cloud VPN

D. VRRP

Which statement describes a characteristic of VMware SU-WAN Edge (VCL) clustering?

A. One VCE cluster can be formed with both virtual and hardware at the same lime

B. A VCE cluster requires one dedicated interface for HA sync

C. VCF clusters member sync flow tables between themselves.

D. VCE cluster members should have unique IP addresses on its WAN interfaces

Due to very strict security policies an enterprise customer is looking for an on-premises deployment of the VMware SD-WAN Orchestrator and Controllers. Customer data is not expected to flow through this Controller, however it is desirable that management plane traffic towards the Orchestrator coming from VMware SD-WAN Edges can take the overlay tunnels through this controls. What are some of the needed steps to achieve the requirements above?

A. Under gateway configuration -> Configure the Gateway roles as Control Plane, disable Data Plane and enable management plane forward

B. Under gateway configuration -> Configure the Gateway roles as Control Plane, disable Data Plane and add static host routes with NAT hand off settings porting to the Orchestrator IPs under Partner Gateway advanced hand off settings

C. Under gateway configuration -> Configure the Gateway roles as Control-Plane, enable Data Plane and Partner Gateway role and add static host mules with NAT hand off settings pointing to the Orchestrator IPs under Partner Gateway advanced hand off settings

D. Under gateway configuration -> Configure the Gateway roles as Control-Plane, enable Data Plant- and Partner Gateway role and add a static default route with NAT hand off settings under Partner Gateway advanced hand oft settings