If the Applied To scope is set to Distributed Firewall, which virtual machines will have the firewall rule
applied?
A.
Only the virtual machines defined in the Source field.
B.
Only virtual machines defined in the Destination field.
C.
All virtual machines in a Datacenter.
D.
All virtual machines on prepared hosts.
Explanation:
http://www.routetocloud.com/2015/04/nsx-distributed-firewall-deep-dive/
By default when we’re creating a firewall rule in NSX, the “Applied to” field is set to “Distributed Firewall”. The firewall rule will be stored in NSX manager’s database and will be applied to all VMs vNICs, regardless of the VMs location.
I think, D is correct. C is similar to D, but not same.
Key thing is, “Prepared Host”.
if you choose C, the mean whether Hosts are not installed VIB for distributed firewall can supply DSW function to vms running on them. But without VIB and DSW process on hosts, VMs will not be protected by DSW.
Choice D, the “prepared hosts” means vms will be running on hosts those are installed DSW VIB through “Host Preparation”.
so, D is answer.