Which three ways can membership be defined in a dynamic security group? (Choose three.)
A.
Distributed Firewall Rules
B.
Locale ID
C.
Security Tags
D.
Security Groups
E.
Regular Expressions
Explanation:
https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUIDB9FC0D05-BE96-4D83-8C58-98B0F96DB342.html
I think it is C,D,E –
You are right, C,D and E are correct.
https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-DBA0522E-92DC-48F4-8801-49C92E001AA1.html
Security Group
You begin by creating a security group to define assets that you want to protect. Security groups may be static (including specific virtual machines) or dynamic where membership may be defined in one or more of the following ways:
■
vCenter containers (clusters, port groups, or datacenters)
■
Security tags, IPset, MACset, or even other security groups. For example, you may include a criteria to add all members tagged with the specified security tag (such as AntiVirus.virusFound) to the security group.
■
Directory Groups (if NSX Manager is registered with Active Directory)
■
Regular expressions such as virtual machines with name VM1
https://blogs.vmware.com/consulting/2015/01/automating-security-policy-enforcement-nsx-service-composer.html
ynamic membership of a security group can be defined by one or multiple criteria, like vCenter containers (data centers, port groups and clusters), security tags, Active Directory groups, regular expressions on virtual machine names, and so on.