[Oct-2021] Pass VMware 3V0-643 Exam in First Attempt Guaranteed!
Full 3V0-643 Practice Test and 23 unique questions with explanations waiting just for you, get it now!
NEW QUESTION 12 
Questions HOL LAB Modules and Pages for practice
1
http://docs.hol.vmware.com/hol-isim/HOL-2019/hol-1903-01-nsxinstall-p1.htm HOL-1903-01 Page 16 or you can directly Open a NSX manager in the lab and edit the existing settings bOpen PSC and NSX manager in HOL-1903-01 and look for NTP Server loand cation cExport existing vDS config and Import back the config for practice in HOL-1903-01 dNo Lab Module available
2
http://docs.hol.vmware.com/hol-isim/HOL-2019/hol-1903-01-nsxinstall-p2.htm and LAB - HOL 1903-01 Page 26-36
3LAB - HOL 1903-01 Module 2 - Page 37-38
4LAB - HOL 1903-01 Module 4 - Practice and understand whole module Bridging and other questions 7,
8, 9 and LAB - HOL-1925-02 Module 1
5LAB - HOL 1903-01 Module 4 - shows how to deploy NSX Edge, you can also deploy Distributed logical router DLR in the same way the lab.
6LAB - HOL 1903-01 Module 3 - Practice and understand the whole module, it will be use full for other question like 20 and 22
7LAB - HOL 1903-01 Module 4 - Practice and understand whole module Bridging and other questions 7,
8, 9
8LAB - HOL 1903-01 Module 4 - Practice and understand whole module Bridging and other questions 7,
8, 9
9LAB - HOL 1903-01 Module 4 - Practice and understand whole module Bridging and other questions 7,
8, 9
10LAB - HOL-1903-02 Module 1 and 2
11LAB - HOL-1903-02 Module 1 and 2
12LAB - HOL-1903-02 directly follow the steps in this document for practice
13LAB - HOL 1903-01 - open an NSX manager in LAB and directly follow the steps in this document.
14LAB - HOL 1903-01 - open postman in the lab and directly follow the steps in this document.
15LAB - HOL 1903-01 - directly follow the steps in this document for practice.
16LAB - HOL 1903-01 - directly follow the steps in this document for practice.
17LAB - HOL-1925-02 Module 1
18LAB - HOL-1925-02 Module 1
19 LAB - HOL-1925-02 - directly follow the steps in this document for practice.
20LAB - HOL 1903-01 Module 3 - Practice and understand the whole module.
21No Lab Module available
22LAB - HOL 1903-01 Module 3 - Practice and understand the whole module.
23LAB - HOL 1903-01 - open postman in the lab and directly follow the steps in this document.
(Exam Topic 1)
Two administrators (John and Chris) share admin responsibilities for an NSX deployment that is leveraging Centralized CLI as part of their management. Security requirements prohibit use of shared admin accounts in Site A.
Requirements:
NSX Manager: nsxmgr-01a.crop.local
New administrator accounts: "John" and "Chris"
Default password: VMware1!
Create accounts for John and Chris.
Use one of the newly created accounts to display all clusters enabled for the distributed firewall.
Use Putty's "Copy All to Clipboard" feature to paste the command and output to a text file dfw-NEW.txt on the ControlCenter desktop.
NOTE:
Screenshot is shown on how to use Putty's Copy all to Clipboard feature.
HOL LAB for Practice:
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
13:(1) select vccenter - a. select datacenter A and click right mouse button select administrator. select user and groups click on + sign. select user tab enter user name john password VMware1!. click ok . do same for chris.
(2) select datacenter A.
select manage tab. select permission. click + Sign. select Read Only from Assign Role. select All Privileges click on Add. select John and chris.checked Propagate to childern and click on OK.
(3) go NsX Manager. select Nsx Manage-a. select manage select user from tab. click + sign. select identity user. check specify vcenter user. enter user name [email protected] click next. select role Nsx Administrator. click finish. do same for chris. but use [email protected] and assign role of NsX administrator click finish.
6 of 336
Enable
VMware1!
Conf t
User john password plaintext VMware1!
User chris password plaintext VMWare1!
Exit
Write memory
Open new Putty session or Duplicate Session:
john
VMware1!
Show dfw cluster all
Ctrl+V don't work in exam.
NEW QUESTION 13
Complete the configuration of Dev-Edge to allow north-south routing connectivity for the new Dev-segment.
Workloads will have overlapping IP addressing with production workloads. The developers will RDP into a jump host server (Dev-Jumphost) on the Dev-Web segment. An RDP shortcut named To Dev-JumpHost.rdp has been created on the ControlCenter Desktop.
The following has been preconfigured on Dev-Edge:
The uplink interface on the Dev-Edge has been pre-configured to communicate the upstream Gateways and attached to Dev-to-PGs-Transit.
Dev-DLR-NEW and Dev-Edge interfaces have been preconfigured to communicate with each other.
ECMP has been disabled.
Requirements:
vCenter: vcsa-01a.corp.local
Credentials: [email protected] / VMware1!
Dev-Jumphost information:
Credentials: administrator / VMware1!
Internal IP of Dev-Jumphost: 172.16.10.100
External IP of Dev-Jumphost: 192.168.5.100
Connection Information:
Dev-Edge-Uplink IP: 192.168.5.3/24
Dev-Edge-Internal IP : 192.168.6.6/30
Preimeter-Gateway-01-Internal IP: 192.168.5.1/24
Preimeter-Gateway-02-Internal IP: 192.168.5.2/24
Logical switch: Dev-to-PGs-Transit
ECMP: Enabled.
BGP AS: 65001
Credentials for all Edge Devices: admin / VMware1!VMware1!
The networking team requires BGP as a routing protocol with an AS of 65001 for North-bound access for the Dev-environment.
Use the fewest number of static routes and utilize network prefixes to ensure accessibility to the Dev-Web-Tier-01-NEW within the Dev-environment.
Ensure Dev-Jumphost is on Dev-Web-Tier-01-NEW.
Ensure the ability to RDP into the Dev-Jumphost server from the production network (ControlCenter).
HOL LAB for Practice:
module, it will be use full for other question like 20 and 22
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
Static Routes on Dev-Edge:
Network:172.16.0.0/16
Next Hop:192.168.6.5
Interface:Dev-Transit
Uplink
192.168.5.100
Tcp
3389
172.16.10.100
3389
(1) Go to Vcenter-a. select network & Security. select NsX Edge.
(2) check the PGW01 configuration if everything is ok no need to do any changes specially ip address and routing. if not than select PGW01. select Manage. select routing select global configuration and enable routing. click publish changes.
be sure ECMP is enabled.
select BGP Configuration. click edit. select enable BGP, select Enable Graceful restart (select enable Default originate). enter AS 65001 click ok click publish changes
SSH to both Perimeter Routers and verify BGP neighborship.
Username: admin
Password: VMware1!VMware1!
Add jumphost VM to Dev-Web-Tier-01-NEW Logical Switch
NOTE:
192.168.5.100 interface is created in the next task only. So after testing the next task output, you should be able to get the RDP login.
NEW QUESTION 14
An NSX administrator has been troubleshooting a communication issue between Edge device TS-Comm-Edge-01 and the TS-Comm-DLR-01 logical router with no success and has reached out to you for further assistance. The following troubleshooting has already been performed.
Temporarily disabled the firewall between both devices.
Unsuccessful ping from TS-Comm-Edge-01 to TS-Comm-DLR-01
Unsuccessful ping from TS-Comm-DLR-01 to TS-Comm-Edge-01
Determine and resolve the communication issue between the two devices.
Requirements:
vCenter: vcsa01a.crop.local
Credentials: [email protected] / VMware1!
Troubleshooting Information:
Edge: TS-Comm-Edge-01 (192.168.33.1)
DLR: TS-Comm-DLR-01 (192.168.33.8)
Transit Network: TS-Comm-Transit
IP Subnet: 192.168.33.0/29
Ensure communication between both devices is successful.
NOTE:
IP addresses must remain unchanged.
HOL LAB for Practice:
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
Troubleshooting:
TS-Comm-Edge-01
Interfaces -> TS-Comm-Transit (change the subnet mask to 28)
Verification:
SSH to TS-Comm-Edge-01 (192.168.7.2) and ping 192.168.33.8
(2) select Ts-Comm-DLR-01 from Nsx Edge. select Manage tab. select Settings.
select interface. check the ip address and mask. and change the mask to /28.
click ok.
(3) select Manage Tab. select Routing. select global configuration. click edit.
select OSPF enter router ID 192.168.33.8 click ok. click on enable
click on publish changes.
(4) select OSPF. click edit. enable OSPF. Enter Protocol Address 192.168.33.7 enter forwarding address 192.168.33.8 (ip address of the vnic). click enable graceful restart. click ok.
(5) under area. click + Sign and add area 0. select type normal. select authentication none. click ok.
(6) under area to interface mapping. click on + sign. select interface uplink enter area 0. enter hello interval 10. dear interval 40. enter priority 128 enter cost 1. click ok. click publish changes.
(7) select TS-Comm-Edge-01. select manage select routing. select global configuration.
click edit under dynamic routing configuration.enter router id ts-comm 192.168.33.
click ok. click publish changes.
(8) select OSPF. click edit. enable OSPF. enable graceful restart. click ok.
select vnic transit. enter area 0. click on blue icon. change the subnet mastk to /28. click ok.
(9) select Firewall under manage Tab. click disable. click publish changes.
do the same steps for Ts-comm-DLR-01. and disable the firewall.
NEW QUESTION 15
In the Dev environment, you have the application and database servers on separate networks created previously. Configure inbound only network security to allow only Dev application servers access to Dev database servers using MYSQL service port.
Requirements:
vCenter: vcsa-01a.corp.local
Credentials: [email protected] / VMware1!
Service Port: MYSQL
Networks: Dev-App-Tier-01-NEW and Dev-DB-Tier-01-NEW
Credentials for Dev VMs: root / VMware1!
This rule should be in its own "DB security-NEW" section.
Ensure inbound only network security allows Dev application servers access to Dev database servers.
This rule should not be prpogated to all NSX prepared clusters.
This rule should be created in a way that any new virtual machines on App and DB segments will be secured.
This rule should be created with the fewest rule(s) possible.
All other servers should be denied.
Ensure inbound security requirements are met.
HOL LAB for Practice:
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
Firewall -> add new Section:
Add new Rule under newly created Section:
Edit Rule Name:
Source = Dev-App-Tier-01-NEW (LS)
Destination = Dev-DB-Tier-01-NEW (LS)
Service = MySQL
Allow - In
Applied To: Logical Switch = Dev-DB-Tier-01-NEW
Add another rule = To Deny
Set destination: Logical Switch = Dev-DB-Tier-01-NEW
Bring to last the Deny rule:
NEW QUESTION 16
You have been tasked with enabling syslog on the NSX Manager (nsmgr-01a.corp.local) and all NSX Controllers.
Requirements:
vCenter: vcsa-01a.crop.local
NSX Manager A: nsxmgr-01a.corp.local
Password: VMware1!
Syslog Information:
Server: 192.168.110.24
Port: 514
Protocol: UDP
Header Information:
Authentication: Basic
Content-Type: application/xml
Enable syslog for NSX Manager.
Enable syslog for NSX controllers.
HOL LAB for Practice:
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
Open API guide from desktop, scroll down for Controller Syslog URI.
In exam search function doesn't work so you should be familiar with the document.
In exam, user hostname instead of IP address (IP address wont work).
For version (2.0), also check API guide version, it could be 2.1 or 2.0 GET
https:// nsxmgr-01a.corp.local/api/2.0/vdn/controller/controller-1/syslog
Copy the required parameters from API guide or memorize.
Verify
Do the same for controller-2
Do the same for controller-3
NEW QUESTION 17
In the previous scenario, vCenter vcsa-b.corp.local was configured for NSX. Now the hosts must be prepared for NSX and the initial VXLAN configuration should be completed.
Requirements:
vCenter: vcsa-01b.corp.local
Credentials: [email protected] / VMware1!
Cluster: Compute Cluster 1B
ESXi Hosts: esx-01b.corp.local, esx-02b.corp.local
VTEP Information:
VMKNic Teaming Policy: Fail Over
VLAN: 0
MTU: 1600
IP Pools for VTEP:
* Name: Compute_1B_VTEP_Pool-New
* Gateway: 192.168.230.1
* Prefix Length: 24
* Static IP Pool: 192.168.230.51 - 192.168.230.60
* Segment ID Pool: 6001-7000 - HOL 1903-01 Page 26-36
* VXLAN Span: Compute Cluster 1B - HOL 1903-01 Page 26-36
* Transport Zone: Local-Transport-Zone-B-New - HOL 1903-01 Page 26-36
* Host must be prepared for NSX
* Use provided information to complete the initial VXLAN configuration.
* The underlying physical network does not support multicast.
* Ensure that requirements are met:
* Create the IP Pool as given:
* Do the Host preparation.
* Create a Local Transport Zone as given. - HOL 1903-01 Page 26-36
* Create the segment ID as given. - HOL 1903-01 Page 26-36
HOL LAB for Practice:
http://docs.hol.vmware.com/hol-isim/HOL-2019/hol-1903-01-nsxinstall-p2.htm and LAB - HOL 1903-01 Page 26-36 See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
HOL 1903-01 Page 26-36
Login to vCenter b Web Client and from Networking and Security -> Installation -> select to SiteB NSX Manager -> Host Preparation and prepare the hosts as below:
Add Static Pool as per give details in the QUESTION
NEW QUESTION 18
The troubleshooting NSX deployment is growing and running out of compute capacity. An additional ESXi host is being added for VXLAN.
Host preparation has failed on esx-05a.corp.local on several attempts and the Compute Cluster 2A was left in an error state, determine and resolve the issue.
Requirements:
vCenter: vcsa-01a.corp.local
Credentials: [email protected] / VMware1!
Cluster: Compute Cluster 2A
IP Pool: Compute-2A
Transport Zone: Local-Transport-Zone-A
Esx-05a.corp.local IP information:
IP: 192.168.110.58
Netmask: 255.255.255.0
Gateway: 192.168.110.1
DNS: 192.168.110.10
1-Resolve deployment issue.
2-Prepare esx-05-a.corp.local for NSX in Compute Cluster 2A.
3-Ensure once the issue is resolved with the Compute Cluster 2A cluster, that it is connected to Local-Transport-Zone-A.
HOL LAB for Practice:
No Lab Module available
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
Follow the steps as:
NEW QUESTION 19
You have been tasked with modifying an existing NSX API call to capture flow information for an organization. The existing API call is located on the ControlCenter desktop in a file name flowapi.txt.
The API call should be modified to collect Layer3 flow statistics between the dev-web-01a and the ControlCenter virtual machine.
Requirements:
vCenter: vcsa01a.corp.local
Credential: [email protected] / VMware1!
File location: flowapi.txt on the desktop of ControlCenter.
Modify and Save the existing API call to capture the requested information.
A REST Client has been added to Chrome and Firefox for this exercise.
Output the Response Body to a text file called apiresults.txt on the desktop of ControlCenter.
******************flowapi.txt***********************
https://<nsxmgr-ip>/api/2.1/app/flow/flowstats?contextId=datacenter-21&flowType=TCP_UDP&startTime
=0&endTime=
https://192.168.110.15/api/2.1/app/flow/flowstats?contextId=vm-26&flowType=Layer3&startTime=0&endT ime=1320917094000&
******************flowapi.txt***********************
HOL LAB for Practice:
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
Access the MOB by entering the following URL
https://vcsa-01a.corp.local/mob
[email protected]
VMware1!
Note down the vm number of dev-web-01a (in exam its like vm-216)
Then update flowapi.txt as
******************flowapi.txt***********************
https://<nsxmgr-ip>/api/2.1/app/flow/flowstats?contextId=datacenter-21&flowType=TCP_UDP&startTime
=0&endTime=
https://192.168.110.15/api/2.1/app/flow/flowstats?contextId=vm-216&flowType=Layer3
&startTime=0&endTime=1320917094000&startIndex=0&pageSize=2
******************flowapi.txt***********************
Then go to RESTClient.
GET
https://192.168.110.15/api/2.1/app/flow/flowstats?contextId=vm-216&flowType=Layer3
&startTime=0&endTime=1320917094000&startIndex=0&pageSize=2
SEND
Copy the content of "Response Body"
Paste in notepad and Save As "apiresults.txt"on the desktop of ControlCenter.
NEW QUESTION 20
The security team has requested that [email protected] have the ability to fully manage NSX Manager (192.168.210.15) for Site B.
Requirements:
vCenter: vcsa-01b.corp.local
Credentials: [email protected] / VMware1!
Ensure [email protected] has the ability to fully manage NSX Manager in SiteB.
NOTE:
You may have to log out of the web client and back in for 192.168.210.15 to show in web client.
HOL LAB for Practice:
See the explanation part for complete solution.
Answer:
Explanation:
SOLUTION:
NSX Manager in SiteB
[email protected]
go to Nsx manager - b. select Manage Vcenter registration. check if lookup service is configured if not configured it will the details.
lookup service ip = Nsx Manager - a IP Address
Lookup service port = 7444
Lookup service= https://192.168.110.15:7444/lookupservice/sdk
SSO administrator = [email protected]
password = VMware1!
click on ok. click on yes.
NOTE: it will show u connected. if not connected. logout and login again
NEW QUESTION 21
......
Get Latest 3V0-643 Dumps Exam Questions in here: https://www.itexamreview.com/3V0-643-exam-dumps.html
