VMware vDefend Security for VCF 5.x Administrator - 6V0-21.25 Exam Questions [2025]

QUESTION NO: 1
Which two capabilities are supported by the Shared Services Platform (SSP) in VMware vDefend?
(Choose two)
Response:

A. Automatically encrypting VM disk volumes B. Generating traffic visibility for segmentation planning C. Managing NSX Edge cluster placement D. Detecting advanced threats using behavioral analysis E. Integrating with identity-aware enforcement mechanisms

Correct Answer: B,D

QUESTION NO: 2
Which three security features can be enforced using Gateway Firewall policies in NSX?
(Choose three)
Response:

A. L2 switching between VMs B. Cluster-level backup operations C. North-south traffic segmentation D. Stateful packet inspection E. NAT and VPN rule enforcement

Correct Answer: C,D,E

QUESTION NO: 3
Which component allows administrators to view intrusion detection alerts and threat severity in NSX?
Response:

A. NSX Edge CLI B. vRealize Network Insight C. vSphere Host Web Client D. NSX Security Overview Dashboard

Correct Answer: D

QUESTION NO: 4
What component must be enabled to perform flow-based behavioral analysis for NDR in NSX?
Response:

A. NSX Edge Load Balancer B. NSX Intelligence C. NSX Federation Global Manager D. vCenter Alarms

Correct Answer: B

QUESTION NO: 5
Which two data sources does NSX use for malware detection and correlation?
(Choose two)
Response:

A. ESXi host names B. vMotion history logs C. NSX Certificate Store D. File reputation databases E. Threat Intelligence Feeds

Correct Answer: D,E

QUESTION NO: 6
When NSX Malware Prevention detects a suspicious file, what is the typical default behavior?
Response:

A. Move the file to a backup location B. Forward the file to the tenant's email for verification C. Automatically shut down the infected VM D. Block the file and generate a security alert

Correct Answer: D

QUESTION NO: 7
What is the primary function of the Malware Prevention capability within NSX?
Response:

A. It logs all DNS lookups in the virtual network B. It detects and blocks malicious files in traffic passing through virtual workloads C. It backs up NSX configurations automatically D. It enforces physical switch port security

Correct Answer: B

QUESTION NO: 8
Which three capabilities are available through NSX IDPS threat signature configuration?
(Choose three)
Response:

A. Define signature-based segmentation policies B. Enable or disable specific attack signatures C. Customize threshold values for alert triggers D. Apply threat profiles to specific workloads E. Assign severity levels to IDS alerts

Correct Answer: B,D,E

QUESTION NO: 9
Which three types of traffic can be inspected and controlled by vDefend firewall policies in a distributed architecture?
(Choose three)
Response:

A. vMotion traffic between hosts B. East-west inter-VM traffic C. North-south traffic to/from external clients D. Management traffic from vCenter E. Internal application tier traffic

Correct Answer: B,C,E

QUESTION NO: 10
A security administrator suspects that a service insertion policy is not working as expected. Which NSX Manager feature can be used to validate the health status of the associated service instance?
Response:

A. Policy Traceflow B. Service Deployment Status under the NSX Inventory C. Host Profiles Dashboard D. ESXi Hardware Status tab

Correct Answer: B