VCP-NV 2024: Network Virtualization Practice Exam

360 Questions and Answers

VCP-NV 2024 Network Virtualization Practice Exam cover showing VMware NSX-T concepts and certification preparation

VCP-NV 2024: Network Virtualization Practice Exam

Prepare confidently for the VMware Certified Professional – Network Virtualization (VCP-NV) 2024 exam with this comprehensive practice test from Exam Sage. Designed to help IT professionals and network engineers validate their skills in VMware NSX-T Data Center technologies, this practice exam covers all essential domains and concepts you need to master for certification success.

What is the VCP-NV 2024 Exam?

The VCP-NV 2024 certification validates your ability to install, configure, and manage NSX-T environments, focusing on network virtualization, security, and automation. It is ideal for professionals working with VMware NSX-T in multi-cloud and data center environments who want to demonstrate expertise in network virtualization architecture, logical switching and routing, security, and automation.

What You Will Learn

This practice exam will help you sharpen your knowledge and skills on key topics such as:

  • NSX-T Architecture and Components: Understand the roles of NSX Manager, Edge Nodes, Transport Nodes, and logical routers.

  • Overlay Networking and Encapsulation: Master the Geneve protocol and overlay technologies that enable network virtualization.

  • Logical Switching and Routing: Learn how NSX-T Segments (logical switches) and Tier-0 and Tier-1 Gateways provide seamless connectivity and routing in virtualized environments.

  • Distributed Firewall and Micro-segmentation: Gain expertise in securing virtual networks by applying granular firewall policies directly at the VM virtual NIC.

  • NSX-T Edge Services: Explore NAT, load balancing, VPN, and other critical services provided by Edge Clusters.

  • Multi-site and Federation: Understand how NSX Federation enables multi-site management and disaster recovery.

  • Dynamic Routing Protocols: Get familiar with OSPF, BGP, and EVPN implementations within NSX-T.

  • Network Security and Automation: Learn to implement NSX Distributed Firewall, Service Insertion, and automate NSX using APIs for scalable network operations.

  • Troubleshooting and Operations: Prepare for real-world scenarios involving NSX-T host transport nodes, routing, and security configurations.

Why Choose Exam Sage for Your VCP-NV Exam Preparation?

Exam Sage is a trusted platform dedicated to providing up-to-date, high-quality, and practice-focused exam resources. Our VCP-NV 2024 practice exam:

  • Reflects the Latest Exam Objectives: Carefully crafted questions aligned with the 2024 VMware NSX-T exam blueprint.

  • Detailed Explanations: Each question comes with a comprehensive answer explanation to deepen your understanding.

  • Realistic Exam Simulation: Mimics the format and difficulty of the actual certification exam.

  • Convenient and Flexible: Practice anytime, anywhere, on any device.

  • Expertly Curated Content: Developed by experienced VMware professionals and network virtualization experts.

By practicing with Exam Sage, you’ll gain the confidence and knowledge to pass your VCP-NV 2024 exam on your first attempt and boost your career in network virtualization.

Start your journey to becoming a VMware Certified Professional in Network Virtualization today. Explore the full practice exam and unlock your potential with Exam Sage!

Sample Questions Answers

1. Which component of VMware NSX is responsible for managing the overall networking and security architecture?

A. NSX Edge
B. NSX-T Manager
C. NSX Controller
D. vCenter Server

Answer: B. NSX-T Manager
Explanation: The NSX-T Manager is the central component for managing the entire NSX environment. It provides the GUI, REST API, and deployment management for logical networking, security policies, and integrations.

2. What feature allows NSX-T to support multi-hypervisor environments?

A. Universal Transport Zone
B. Federation
C. Distributed Firewall
D. Policy Mode

Answer: B. Federation
Explanation: NSX-T Federation provides a way to manage multiple NSX-T environments across regions and supports multi-hypervisor workloads by providing consistent networking and security.

3. What is the default communication protocol used between NSX-T components?

A. HTTPS
B. VXLAN
C. GENEVE
D. GRE

Answer: C. GENEVE
Explanation: GENEVE (Generic Network Virtualization Encapsulation) is the encapsulation protocol used by NSX-T for overlay networking, replacing VXLAN.

4. In NSX-T, what is the role of a Transport Node?

A. Hosts control plane services
B. Manages the NSX-T Manager
C. Participates in the data plane
D. Hosts vCenter plug-in

Answer: C. Participates in the data plane
Explanation: Transport Nodes are responsible for carrying user VM traffic via NSX-T overlay networks; they are part of the NSX data plane.

5. Which NSX-T component enables connectivity to the physical network?

A. Tier-1 Gateway
B. Edge Transport Node
C. NSX Manager
D. NSX Controller

Answer: B. Edge Transport Node
Explanation: The Edge Transport Node provides north-south connectivity and services like NAT, DHCP, and load balancing, connecting virtual networks to physical networks.

6. Which tool can be used to validate and troubleshoot NSX-T configurations?

A. vRealize Operations
B. NSX CLI
C. Traceflow
D. NetFlow

Answer: C. Traceflow
Explanation: Traceflow is an NSX built-in tool that simulates packet flow through the NSX environment and identifies issues in the forwarding path.

7. What are the two operational modes of Distributed Firewall in NSX-T? (Choose two)

A. Stateless
B. Application mode
C. Layer 3 mode
D. Policy mode
E. Manager mode

Answer: D. Policy mode, E. Manager mode
Explanation: NSX-T offers Policy and Manager modes for firewall rule management—Policy mode is declarative, while Manager mode is imperative.

8. What does the Tier-0 Gateway provide in NSX-T?

A. East-west routing between VMs
B. Intra-tenant isolation
C. North-south routing to external networks
D. DHCP services

Answer: C. North-south routing to external networks
Explanation: Tier-0 Gateways provide routing between the virtual NSX environment and the external physical network.

9. What component is required for enabling NAT in NSX-T?

A. Distributed Firewall
B. Edge Services Gateway
C. Tier-1 Gateway
D. Segment Profile

Answer: B. Edge Services Gateway
Explanation: NAT rules are implemented on the Edge Services Gateway, part of the Tier-0 or Tier-1 Gateways hosted on Edge Nodes.

10. Which protocol is supported for BGP route advertisements in NSX-T Tier-0 Gateway?

A. OSPF
B. RIP
C. BGP EVPN
D. iBGP/eBGP

Answer: D. iBGP/eBGP
Explanation: NSX-T supports both internal and external BGP (iBGP/eBGP) for route advertisements to external physical routers.

11. What is a Segment in NSX-T?

A. An L2 domain attached to a VLAN
B. A firewall profile
C. A logical router
D. A routing protocol

Answer: A. An L2 domain attached to a VLAN
Explanation: A Segment in NSX-T is a logical Layer 2 broadcast domain which can be backed by an overlay or VLAN.

12. What role does the NSX-T Local Manager play in a Federation setup?

A. Controls global policies
B. Manages a single location/site
C. Acts as a DNS server
D. Routes multicast traffic

Answer: B. Manages a single location/site
Explanation: In a Federation, Local Managers are responsible for site-specific configurations, while the Global Manager handles multi-site policies.

13. Which service allows micro-segmentation in NSX-T?

A. NSX Intelligence
B. Distributed Firewall
C. Tier-1 Gateway
D. NSX Federation

Answer: B. Distributed Firewall
Explanation: Distributed Firewall enables micro-segmentation at the VM level for east-west traffic within the virtualized environment.

14. What is required before deploying NSX-T Data Center?

A. vSphere 7.0 Update 3
B. vCenter Server
C. Overlay Transport Zone
D. Edge Cluster

Answer: C. Overlay Transport Zone
Explanation: An Overlay Transport Zone must be created to allow communication between Transport Nodes using GENEVE encapsulation.

15. What is the maximum number of NSX Managers in a cluster?

A. 3
B. 5
C. 7
D. 1

Answer: A. 3
Explanation: NSX-T supports clustering of up to 3 NSX Managers for HA and redundancy.

16. What does the NSX Intelligence feature do?

A. Automatically updates routing tables
B. Provides automated snapshots
C. Visualizes network traffic and policy recommendations
D. Runs hypervisor updates

Answer: C. Visualizes network traffic and policy recommendations
Explanation: NSX Intelligence provides deep insights into network flows and suggests firewall policies based on observed behavior.

17. What function is performed by NSX-T Service Insertion?

A. Load Balancing
B. VPN Encryption
C. Integration with third-party security solutions
D. Routing redistribution

Answer: C. Integration with third-party security solutions
Explanation: Service Insertion enables integration of NSX with external services like IDS/IPS, antivirus, and next-gen firewalls.

18. What is a Transport Zone used for in NSX-T?

A. User authentication
B. Defining logical switch scope
C. Physical storage segmentation
D. Snapshot replication

Answer: B. Defining logical switch scope
Explanation: A Transport Zone defines the scope of a Segment—i.e., which Transport Nodes can connect to a given network.

19. NSX-T supports which load balancing techniques? (Choose two)

A. Least Connections
B. DNS Round-Robin
C. Source NAT
D. Weighted Round-Robin
E. Policy-Based NAT

Answer: A. Least Connections, D. Weighted Round-Robin
Explanation: NSX-T provides Layer 4 and Layer 7 load balancing using multiple algorithms, including Least Connections and Weighted Round-Robin.

20. What is required for enabling EVPN with NSX-T?

A. vCenter
B. NSX Global Manager
C. VRF Lite
D. Tier-0 Gateway with BGP

Answer: D. Tier-0 Gateway with BGP
Explanation: EVPN requires a Tier-0 Gateway configured with BGP to advertise MAC and IP reachability information to external routers.

21. What does the term “converged VDS” refer to in vSphere with NSX-T?

A. Layer 2 redundancy
B. Support for both VLAN and overlay traffic
C. Federation integration
D. NSX Edge optimization

Answer: B. Support for both VLAN and overlay traffic
Explanation: Converged VDS allows VLAN-backed and overlay segments to coexist on a single vSphere Distributed Switch.

22. Which log level provides the most verbose logging in NSX-T?

A. INFO
B. DEBUG
C. WARN
D. ERROR

Answer: B. DEBUG
Explanation: DEBUG level logs provide detailed information useful for deep troubleshooting in NSX environments.

23. Which tool is used to back up the NSX-T Manager cluster?

A. vSphere Replication
B. NSX CLI
C. API or GUI Scheduled Backup
D. vCenter HA

Answer: C. API or GUI Scheduled Backup
Explanation: NSX Manager supports scheduled and on-demand backups via the API or GUI for configuration data.

24. What NSX component can function as a DHCP server?

A. Segment
B. Tier-1 Gateway
C. NSX-T Manager
D. Edge Node

Answer: B. Tier-1 Gateway
Explanation: A DHCP server can be configured on Tier-1 Gateways to assign IPs to VMs on connected segments.

25. What is the purpose of VRF in NSX-T?

A. Provides L2 tunneling
B. Creates virtual routing instances on Tier-0
C. Filters VLANs
D. Balances CPU workloads

Answer: B. Creates virtual routing instances on Tier-0
Explanation: VRFs (Virtual Routing and Forwarding) allow multiple logical routing instances on a single Tier-0 Gateway, enabling multi-tenancy.

26. NSX-T Policy API is based on what data model?

A. RESTful imperative
B. SOAP-based
C. Declarative
D. RPC

Answer: C. Declarative
Explanation: The NSX-T Policy API is declarative, meaning you define the desired outcome, and NSX manages the state automatically.

27. What is required to configure a VLAN-backed segment?

A. Overlay Transport Zone
B. VLAN Transport Zone
C. NSX Federation
D. Converged VDS only

Answer: B. VLAN Transport Zone
Explanation: VLAN-backed segments must be associated with a VLAN Transport Zone to allow physical VLAN connectivity.

28. What happens if the NSX-T Manager cluster loses quorum?

A. All services stop
B. Only backup continues
C. Read-only mode is entered
D. Edge nodes reboot

Answer: C. Read-only mode is entered
Explanation: Without quorum (at least 2 of 3 NSX Managers), the cluster enters read-only mode to prevent configuration inconsistencies.

29. NSX-T Distributed IDS/IPS is deployed at what level?

A. Edge Node
B. vCenter
C. Hypervisor level
D. Segment

Answer: C. Hypervisor level
Explanation: Distributed IDS/IPS in NSX-T is implemented at the hypervisor level to inspect traffic inline without redirecting.

30. Which command verifies the status of NSX-T Manager cluster nodes?

A. get managers
B. show cluster status
C. get cluster status
D. list nsx-nodes

Answer: C. get cluster status
Explanation: The get cluster status command on NSX Manager CLI shows health, leader, and quorum information of the NSX cluster.

31. Which NSX component is responsible for enforcing security policies at the VM level?

A. NSX Manager
B. NSX Controller
C. Distributed Firewall
D. Edge Services Gateway

Answer: C. Distributed Firewall
Explanation: The NSX Distributed Firewall (DFW) provides micro-segmentation and stateful firewalling at the VM virtual NIC level, enabling granular security policies.

32. What is the default MTU size recommended for VXLAN traffic in NSX?

A. 1400 bytes
B. 1500 bytes
C. 1550 bytes
D. 1600 bytes

Answer: D. 1600 bytes
Explanation: VXLAN adds approximately 50 bytes of overhead, so an MTU of 1600 bytes is recommended to prevent fragmentation when encapsulating standard 1500-byte packets.

33. In NSX, which component provides centralized control and management of the entire NSX environment?

A. NSX Controller
B. NSX Edge
C. NSX Manager
D. vSphere Client

Answer: C. NSX Manager
Explanation: NSX Manager acts as the centralized network management component and is responsible for deploying and configuring NSX components across the infrastructure.

34. What is the main benefit of micro-segmentation in NSX?

A. Improved WAN performance
B. Simplified L2 switching
C. Enhanced east-west traffic security
D. Support for IPv6 only

Answer: C. Enhanced east-west traffic security
Explanation: Micro-segmentation allows for security controls at the VM level, reducing attack surfaces by controlling lateral (east-west) traffic within the data center.

35. Which NSX-T component handles Tier-0 and Tier-1 logical routing?

A. Transport Node
B. NSX Controller
C. NSX Edge Node
D. Distributed Firewall

Answer: C. NSX Edge Node
Explanation: NSX Edge Nodes host centralized services like NAT, load balancing, and are responsible for North-South and inter-Tier routing in NSX-T environments.

36. What is required to enable Geneve encapsulation in NSX-T?

A. VXLAN VTEP configuration
B. Segment Profile
C. Transport Zone
D. Overlay Transport Zone

Answer: D. Overlay Transport Zone
Explanation: Geneve encapsulation is used in overlay transport zones to encapsulate Layer 2 traffic over Layer 3 networks in NSX-T.

37. Which feature in NSX allows automation of security rules based on VM attributes?

A. IP Sets
B. MAC Sets
C. Dynamic Security Groups
D. Manual Rules

Answer: C. Dynamic Security Groups
Explanation: Dynamic Security Groups automatically include or exclude VMs based on criteria like VM name, OS type, or tags, enhancing security automation.

38. What is the function of an NSX-T segment?

A. Performs routing between subnets
B. Defines a layer 2 broadcast domain
C. Provides NAT functionality
D. Acts as a DHCP server

Answer: B. Defines a layer 2 broadcast domain
Explanation: A segment in NSX-T is a logical switch that provides layer 2 connectivity (broadcast domain) over the overlay network.

39. In NSX, what is the purpose of the Transport Node Profile?

A. Define MTU settings
B. Deploy VMs
C. Configure firewall policies
D. Automate host preparation

Answer: D. Automate host preparation
Explanation: Transport Node Profiles streamline the configuration of NSX transport nodes by applying consistent settings like N-VDS and uplink profiles.

40. Which of the following is NOT a valid NSX-T segment type?

A. Overlay
B. VLAN
C. External
D. Trunk

Answer: C. External
Explanation: NSX-T supports Overlay, VLAN-backed, and Trunk segments, but “External” is not a recognized segment type.

41. Which feature enables live traffic tracing in NSX-T?

A. Traceflow
B. Packet Capture
C. Log Insight
D. Flow Monitoring

Answer: A. Traceflow
Explanation: Traceflow helps identify the path and behavior of packets in real time, useful for troubleshooting and validating firewall rules.

42. How are NSX firewall rules evaluated by default?

A. Alphabetically
B. Randomly
C. From top to bottom
D. Based on source IP

Answer: C. From top to bottom
Explanation: NSX firewall rules are evaluated sequentially from top to bottom, and the first matching rule is applied.

43. Which NSX-T feature allows connectivity to physical workloads in VLAN networks?

A. Uplink Profile
B. VLAN Segment
C. Edge Bridge
D. Gateway Firewall

Answer: C. Edge Bridge
Explanation: An Edge Bridge connects overlay segments to VLAN-backed networks, enabling communication between NSX and traditional physical workloads.

44. Which layer of the OSI model does the NSX Distributed Firewall operate at?

A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 2–4

Answer: D. Layer 2–4
Explanation: The Distributed Firewall operates at layers 2 through 4, allowing filtering based on MAC, IP, ports, and protocols.

45. Which NSX-T service enables dynamic routing with physical routers?

A. Static Route
B. BGP
C. NAT
D. DHCP

Answer: B. BGP
Explanation: Border Gateway Protocol (BGP) is used to dynamically exchange routing information between NSX and external physical routers.

46. What is a key advantage of using NSX for network virtualization?

A. Reduced need for vCenter
B. Hardware-dependent network provisioning
C. Consistent policy enforcement across environments
D. Support only for Windows VMs

Answer: C. Consistent policy enforcement across environments
Explanation: NSX provides consistent networking and security policies across on-premises, cloud, and hybrid environments.

47. Which NSX feature enables grouping of IP addresses for use in firewall policies?

A. Service Composer
B. IP Set
C. Uplink Group
D. Security Tag

Answer: B. IP Set
Explanation: An IP Set is a collection of IP addresses that can be reused across multiple security policies or rules in NSX.

48. Which protocol does Geneve replace in NSX-T for overlay transport?

A. VXLAN
B. GRE
C. LISP
D. MPLS

Answer: A. VXLAN
Explanation: Geneve is the replacement for VXLAN in NSX-T, offering greater flexibility and extensibility for encapsulated overlays.

49. What is the role of the NSX-T Edge Node Cluster?

A. Deploy DFW rules
B. Provide management UI
C. Deliver centralized services
D. Configure IP pools

Answer: C. Deliver centralized services
Explanation: NSX Edge Node Clusters provide centralized services like NAT, DHCP, routing, and load balancing.

50. What is the maximum number of TEPs (Tunnel Endpoints) a host can have in NSX-T?

A. 1
B. 2
C. 4
D. Depends on configuration

Answer: D. Depends on configuration
Explanation: The number of TEPs per host depends on the transport node configuration and uplink profile settings, often ranging from 1 to multiple for redundancy.

51. Which NSX-T component collects network and security telemetry for analysis?

A. NSX Manager
B. NSX Controller
C. NSX Intelligence
D. NSX Edge

Answer: C. NSX Intelligence
Explanation: NSX Intelligence provides real-time visibility, analytics, and recommendations based on traffic and security telemetry.

52. In NSX-T, what ensures high availability of the NSX Manager cluster?

A. vSAN
B. Multi-site federation
C. Clustered deployment of 3 nodes
D. NSX Edge cluster

Answer: C. Clustered deployment of 3 nodes
Explanation: NSX Manager runs in a 3-node cluster to ensure high availability and resilience of the management plane.

53. What is the purpose of a Uplink Profile in NSX-T?

A. Define DFW rules
B. Map segments to VLANs
C. Specify NIC teaming and MTU settings
D. Enable routing protocols

Answer: C. Specify NIC teaming and MTU settings
Explanation: Uplink Profiles define how the host’s physical NICs are used, including load balancing, teaming, and MTU values.

54. What service is used to isolate tenant traffic in multi-tenant NSX environments?

A. Transport Zone
B. Segment ID Pool
C. TEP configuration
D. VRF Lite

Answer: D. VRF Lite
Explanation: VRF Lite allows multiple routing instances on a Tier-0 Gateway, isolating tenant networks while sharing the same infrastructure.

55. What is the recommended minimum number of NSX Manager nodes for production deployments?

A. 1
B. 2
C. 3
D. 5

Answer: C. 3
Explanation: A 3-node NSX Manager cluster is recommended for production environments to ensure redundancy and high availability.

56. What tool can be used to back up and restore NSX configurations?

A. NSX-T CLI
B. NSX-T API
C. NSX Manager GUI
D. All of the above

Answer: D. All of the above
Explanation: NSX configurations can be backed up and restored using the NSX Manager GUI, CLI, or RESTful API.

57. Which feature allows NSX-T to detect and prevent lateral movement of threats?

A. Edge Firewall
B. IDS/IPS
C. SNMP
D. VPN

Answer: B. IDS/IPS
Explanation: The Intrusion Detection and Prevention System (IDS/IPS) in NSX-T helps identify and block malicious activity moving within the network.

58. Which protocol is used by NSX-T for edge node and transport node communication?

A. GRE
B. BGP
C. Geneve
D. IPsec

Answer: C. Geneve
Explanation: Geneve is the encapsulation protocol used for overlay transport between NSX transport nodes and edge nodes.

59. What is the function of NSX Federation?

A. Enable vCenter integration
B. Link multiple NSX-T instances across sites
C. Replace DFW rules
D. Synchronize TEPs

Answer: B. Link multiple NSX-T instances across sites
Explanation: NSX Federation allows centralized management and policy enforcement across multiple NSX-T deployments in different locations.

60. Which component is required to provide north-south connectivity in NSX-T?

A. Distributed Router
B. Segment
C. NSX Edge Node
D. Transport Node

Answer: C. NSX Edge Node
Explanation: NSX Edge Nodes connect the logical (virtual) network to the physical world, enabling north-south routing.

You may also like...