Which three ways can membership be defined in a dynamic…

Which three ways can membership be defined in a dynamic security group? (Choose three.)

Which three ways can membership be defined in a dynamic security group? (Choose three.)

A.
Distributed Firewall Rules

B.
Locale ID

C.
Security Tags

D.
Security Groups

E.
Regular Expressions

Explanation:
https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUIDB9FC0D05-BE96-4D83-8C58-98B0F96DB342.html



Leave a Reply 2

Your email address will not be published. Required fields are marked *


Matz

Matz

I think it is C,D,E –

Aria

Aria

You are right, C,D and E are correct.
https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-DBA0522E-92DC-48F4-8801-49C92E001AA1.html

Security Group
You begin by creating a security group to define assets that you want to protect. Security groups may be static (including specific virtual machines) or dynamic where membership may be defined in one or more of the following ways:

vCenter containers (clusters, port groups, or datacenters)

Security tags, IPset, MACset, or even other security groups. For example, you may include a criteria to add all members tagged with the specified security tag (such as AntiVirus.virusFound) to the security group.

Directory Groups (if NSX Manager is registered with Active Directory)

Regular expressions such as virtual machines with name VM1

https://blogs.vmware.com/consulting/2015/01/automating-security-policy-enforcement-nsx-service-composer.html

ynamic membership of a security group can be defined by one or multiple criteria, like vCenter containers (data centers, port groups and clusters), security tags, Active Directory groups, regular expressions on virtual machine names, and so on.