Date post: | 10-Dec-2023 |
Category: |
Documents |
Upload: | independent |
View: | 0 times |
Download: | 0 times |
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
1
VCP-NV Exam testing center exam code: VCPN610 Exam Blueprint Version 1.0 July 8 2014
Disclaimer: This blueprint is intended to provide information about the objectives covered by this exam, related resources, and recommended courses. The material contained within this blueprint is not intended to guarantee that a passing score will be achieved on the exam. VMware recommends that a candidate thoroughly understands the objectives indicated in this guide and utilizes the resources and courses recommended in this guide where needed to gain that understanding.
Blueprint Authors: Jon C. Hall
Jeff Hall
Contributors: TBD
VMware Certified Professional – Network Virtualization Exam Blueprint
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
2
Table of Contents
1. The Exam ............................................................................................................................................................. 3
1.1 Purpose of Exam ........................................................................................................................................... 3
1.2 Number of Questions.................................................................................................................................... 3
1.3 Passing Score ................................................................................................................................................ 3
1.4 How Objectives Relate to Questions on the Exam ....................................................................................... 3
1.5 Languages ..................................................................................................................................................... 3
1.6 Time Limit ..................................................................................................................................................... 3
1.7 Scheduling and Taking the Exam .................................................................................................................. 4
1.8 Certification Tracks ....................................................................................................................................... 4
1.9 Recertification ............................................................................................................................................... 4
1.10 Retake Policy ............................................................................................................................................... 5
1.11 Exam Security .............................................................................................................................................. 5
2. Intended Audience .............................................................................................................................................. 5
2.1 Intended Audience ........................................................................................................................................ 5
3. Objectives covered in the VCP-NV Exam ............................................................................................................ 5
3.1 Introduction .................................................................................................................................................. 5
3.2 Objectives ..................................................................................................................................................... 5
4. VCP-NV Paths and Course Requirement Options ............................................................................................. 24
4.1 VCP-NV Path Options .................................................................................................................................. 24
4.2 Course Requirement ................................................................................................................................... 24
5. Additional Resources ........................................................................................................................................ 25
5.1 Practice Exam .............................................................................................................................................. 25
5.2 VCP Community .......................................................................................................................................... 25
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
3
1. The Exam
1.1 Purpose of Exam
The VMware Certified Professional – Network Virtualization (VCP-NV) Exam tests candidates on their skills and abilities installing, configuring and administering a VMware NSX environment. Successful candidates demonstrate mastery of these skills and abilities.
1.2 Number of Questions
The VCP-NV Exam consists of 120 questions and a short pre-exam survey consisting of 8 questions.
1.3 Passing Score
The passing score for this exam is 300, using a scaled scoring method. The scale is from 100-500. Scaled scores are calculated using a mathematical formula that considers a variety of factors, including the number and type of exam questions included in a specific version of the exam. Because this combination may vary in different versions of the same examination, scaled scores provide a fair score for each individual based on the version of the exam taken.
1.4 How Objectives Relate to Questions on the Exam
Objectives summarize what the test is designed to measure. Objectives are developed by Exam Developers and Subject Matter Experts based on identified tasks that relate to the job of implementing and administering a vSphere environment. Once the initial development process is complete, these objectives are verified using an external group of individuals in the actual job role. The external survey determines the number of questions for each objective, which relates directly to the criticality of the task in the job role.
1.5 Languages
The exam is available in English.
1.6 Time Limit
The time limit for the exam is 120 minutes, with an additional 15 minutes to complete the survey questions and agreements. Candidates who take the VCPN610 Exam and have a home address in a country where English is not a primary language will have an additional 30 minutes added to the exam time. This time extension is automatic, no additional action is required from the candidate. For the purposes of this exam, countries where English is considered one of the primary languages are Australia, Belize, Bermuda, Canada, Guernsey, Isle of Man, Ireland, Jersey, New Zealand, South Africa, the United Kingdom, and the United States.
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
4
1.7 Scheduling and Taking the Exam
This exam is administered through Pearson VUE. Details on the rules and procedures associated with requesting authorization, registering, and sitting for the exam are available here. For the latest certification news and more, please sign up for updates.
1.8 Certification Tracks
The VCP-NV Exam is a core component of the VCP-NV certification. The certification requires a passing score on the exam and successful completion of a required VMware authorized course. Courses that meet this requirement are listed in section 4.
The VCP-NV certification is a requirement for several certification tracks, including the VMware Certified Implementation Expert – Network Virtualization (VCIX-NV) and the VMware Certified Design Expert – Network Virtualization (VCDX-NV).
1.9 Recertification
The recertification policy helps ensure that all VCP holders are current in their VMware training, and encourages certified professionals to expand the depth and breadth of their knowledge by recertifying in a different track or at a higher level.
Certification holders must recertify within two years of earning their most recent VCP certification. Prerequisite course requirements are waived, but the exam and exam cost are the same as those required for initial certification.
There are three ways to recertify:
Take the current exam for the VCP certification currently held. For example, a VCP3 could take the
current VCP-Network Virtualization (VCPN610) exam.
Earn a new VCP certification in a different solution track. For example, a VCP-Cloud could recertify by
earning a VCP-NV (VCPN610) certification.
Advance to the next level by earning a VMware Certified Implementation Expert (VCIX) certification.
Certification holders who do not maintain training currency will have their certifications revoked. Re-earning a revoked certification requires satisfying the same prerequisites as any candidate attempting to earn that certification for the first time. Revoking certification entails:
Loss of access to the VCP portal
Loss of the right to use VMware certification logos
Notification of the lost certification status on MyLearn transcripts
For more information on the certification program or to register for our recommended courses, please visit vmware.com/go/recertification or contact [email protected].
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
5
1.10 Retake Policy
If a candidate fails an exam on the first attempt, he or she must wait seven calendar days from their original appointment time before he or she can register to retake the exam. There is no limit to the number of retakes a candidate can attempt, but the same waiting period applies after each failed attempt. Once the exam is passed, a candidate may not make any further attempts. Please note that the exam is only available for a limited time, after which the retake policy would apply to the live exam.
1.11 Exam Security
VMware reserves the right to refuse certifying a candidate who violates exam security policies. This includes copying and redistribution of exam material, using any type of study material during the exam itself, attempting to photograph exam items and taking an exam using a false identity. Pearson VUE testing centers will take your photo and capture your digital signature upon arrival to take the exam.
2. Intended Audience
2.1 Intended Audience
A candidate for the VCP-NV certification has approximately six months experience working with NSX implementations. They are typically infrastructure personnel for networking, datacenter and cloud administrators, as well as virtualization specialists who have a strong understanding of the relationship between physical and virtual network infrastructures and is capable of installing, configuring, managing, and troubleshooting VMware NSX. The successful candidate will most likely have one or more industry recognized networking certifications or equivalent experience (typically 2-3 years) and a familiarity with datacenter virtualization.
3. Objectives covered in the VCP-NV Exam
3.1 Introduction
It is recommended that candidates have the knowledge and skills necessary to install, configure and administer an NSX environment before taking the VCP-NV Exam. It is also recommended that the candidate complete the course requirement prior to attempting the exam. It is not required that the course is completed prior to the exam, but the course requirement must be completed in order to obtain the VCP-NV certification.
3.2 Objectives
Prior to taking this exam, candidates should understand each of the following objectives. Each objective is listed below; along with related tools the candidate should have experience with, and related documentation that contains information relevant to the objective. All objectives may also be referenced in other product
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
6
documentation not specifically highlighted below. The candidate should be familiar with all relevant product documentation or have an equivalent skillset.
Section 1 – Define VMware NSX Technology and Architecture
Objective 1.1 – Describe the Benefits of a VMware NSX Implementation
Knowledge
Identify challenges within a physical network interface
Explain common VMware NSX terms
Describe and differentiate functions and services performed by VMware NSX
Describe common use cases for VMware NSX
Tools
VMware NSX Datasheet
VMware NSX Network Virtualization Platform white paper
VMware NSX Network Virtualization Design Guide
Objective 1.2 – Describe VMware NSX Architecture
Knowledge
Identify the components in a VMware NSX stack
Identify common physical network topologies
Describe a basic VMware NSX topology
Differentiate functional services delivered by a VMware NSX stack
Tools
VMware NSX Network Virtualization Design Guide
NSX Administration Guide
Objective 1.3 – Differentiate VMware Network and Security Technologies
Knowledge
Identify upgrade requirements for ESXi hosts
Identify steps required to upgrade a vSphere implementation
Describe core vSphere networking technologies
Describe vCloud Networking and Security technologies
Describe and differentiate VMware NSX for vSphere and VMware NSX for third-party hypervisors
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
7
Tools
vSphere Installation and Setup Guide
vSphere Upgrade Guide
vSphere Networking Guide
VMware vCloud Networking and Security Overview white paper
NSX Administration Guide
NSX User’s Guide
Objective 1.4 – Contrast Physical and Virtual Network Technologies
Knowledge
Differentiate logical and physical topologies
Differentiate logical and physical components (i.e. switches, routers, etc.)
Differentiate logical and physical services (i.e. firewall, NAT, etc.)
Differentiate between physical and logical security constructs o Service Composer o Endpoint Security o Data Security
Tools
VMware NSX Network Virtualization Design Guide
NSX User’s Guide
Objective 1.5 –Explain VMware NSX Integration with Third-Party Products and Services
Knowledge
Describe integration with third-party hypervisors
Describe integration with third-party cloud automation
Describe integration with third-party services o Network services o Security services
Describe integration with third-party hardware o Network Interface Cards (NICs) o Terminating overlay networks
Manually register a third-party service with NSX
Install a third-party service with NSX
Tools
NSX Administration Guide
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
8
Next Generation Security with VMware NSX and Palo Alto Networks VM-Series white paper
Deploying VMware NSX with Cisco UCS and Nexus 7000
Objective 1.6 –Explain VMware NSX Integration with vCloud Automation Center (vCAC)
Knowledge
Describe integration with vCAC
Explain NSX deployment capabilities built into vCAC
List NSX components that can be pre-created using vCAC
Describe Network Profiles available in vCAC
Explain NSX preparation tasks that must be completed prior to attaching a network profile to a blueprint
Explain vCAC preparation tasks that must be completed prior to deploying a machine with on-demand network services
Tools
IaaS Configuration for Virtual Platforms
IaaS Configuration for Multi-Machine Services
Section 2 – Plan and Configure vSphere Networking
Objective 2.1 – Define Benefits of Running VMware NSX on Physical Network Fabrics
Knowledge
Identify physical network topologies (Layer 2 Fabric, Multi-Tier, Leaf/Spine, etc.)
Identify physical network trends
Explain the purpose of a Spine node
Explain the purpose of a Leaf node
Identify virtual network topologies (Enterprise, Service Provider Multi-Tenant, Multi-Tenant Scalable)
Explain benefits of Multi-Instance TCP/IP stack
Describe challenges in a Layer 2 Fabric topology
Describe challenges in a Multi-Tier topology
Describe challenges in a Leaf/Spine topology
Differentiate physical/virtual QoS implementation
Differentiate single/multiple vSphere Distributed Switch (vDS) Distributed Logical Router implementations
Differentiate NSX Edge High Availability (HA)/Scale-out NSX NSX Edge HA implementations
Differentiate Collapsed/Separate vSphere Cluster topologies
Differentiate Layer 3 and Converged cluster infrastructures
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
9
Tools
VMware NSX Network Virtualization Design Guide
NSX User’s Guide
Objective 2.2 – Describe Physical Infrastructure Requirements for a VMware NSX Implementation
Knowledge
Identify management and edge cluster requirements
Describe minimum/optimal physical infrastructure requirements for a VMware NSX implementation
Describe how traffic types are handled in a physical infrastructure
Determine use cases for available virtual architectures
Describe ESXi host vmnic requirements
Differentiate virtual to physical switch connection methods
Describe VMkernel networking recommendations
Tools
VMware NSX Network Virtualization Design Guide
NSX User’s Guide
Section 3 – Configure and Manage vSphere Networking
Objective 3.1 – Configure and Manage vSphere Standard Switches (vSS)
Knowledge
Identify vSS capabilities
Add/Configure/Remove vmnics on a vSS
Configure vmkernel ports for network services
Add/Edit/Remove port groups on a vSS
Determine use cases for a vSphere Standard Switch
Tools
vSphere Installation and Setup Guide
vSphere Networking Guide
vSphere Web Client
vSphere Client
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
10
Objective 3.2 – Configure and Manage vSphere Distributed Switches (vDS)
Knowledge
Identify vDS capabilities
Create/Delete a vDS
Add/Remove ESXi hosts from a vDS
Edit general vSphere vDS settings
Add/Configure/Remove dvPortgroups
Configure dvPort settings
Add/Remove uplink adapters to dvUplinkgroups
Create/Configure/Remove virtual adapters
Migrate virtual adapters to/from a vSS
Migrate virtual machines to/from a vDS
Monitor dvPort state
Determine use cases for a vDS
Tools
vSphere Installation and Setup Guide
vSphere Networking Guide
vSphere Web Client
vSphere Client
Objective 3.3 – Configure and Manage vSS and vDS Policies
Knowledge
Identify common vSS and vDS policies
Configure dvPortgroup blocking policies
Configure load balancing and failover policies
Configure VLAN settings
Configure traffic shaping policies
Enable TCP Segmentation Offload (TOE) support for a virtual machine
Enable Jumbo Frame support on appropriate components
Determine appropriate VLAN configuration for a vSphere implementation
Tools
vSphere Installation and Setup Guide
vSphere Networking Guide
vSphere Web Client
vSphere Client
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
11
Section 4 – Install and Upgrade VMware NSX
Objective 4.1 – Configure Environment for Network Virtualization
Knowledge
Configure the physical infrastructure (MTU, Dynamic Routing for edge, etc.)
Prepare a new vSphere infrastructure o Configure Quality of Service (QoS) o Configure Link Aggregation Control Protocol (LACP)
Configure an existing vSphere infrastructure o Upgrade VMware Tools
Explain how IP address assignments work in VMware NSX
Identify minimum permissions required to deploy NSX in a vSphere environment
Tools
vSphere Networking Guide
NSX Administration Guide
vSphere Web Client
Objective 4.2 – Deploy VMware NSX Components
Knowledge
Install NSX Manager
Register NSX Manager with vCenter Server
Install NSX License
Prepare ESXi hosts
Deploy NSX Controllers
Assign Segment IP pool and Multicast addresses
Configure VXLAN Transport
Install NSX Edge
Install vShield Endpoint
Install Data Security
Create an IP pool
Tools
NSX Installation and Upgrade Guide
NSX Manager
vSphere Web Client
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
12
Objective 4.3 – Upgrade Existing vCNS/NSX Implementation
Knowledge
Verify upgrade prerequisites have been met
Upgrade vCNS 5.5 to NSX 6.x
Upgrade vCNS Virtual Wires to NSX Logical Switches
Upgrade to NSX Components o Upgrade to NSX Firewall o Upgrade to NSX Edge o Upgrade vShield Endpoint from 5.5 to 6.x o Upgrade to NSX Data Security
Upgrade NSX Manager from 6.0 to 6.x
Update vSphere Clusters after NSX upgrade
Tools
NSX Installation and Upgrade Guide
vSphere Web Client
Objective 4.4 – Expand Transport Zone to Include New Cluster(s)
Knowledge
Explain the function of a Transport Zone
Add a Transport Zone
Expand/Contract a Transport Zone
Edit a Transport Zone
Change the Control Plane mode for a Transport Zone
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
vSphere Web Client
Section 5 – Configure VMware NSX Virtual Networks
Objective 5.1 – Create and Administer Logical Switches
Knowledge
Configure IP address assignments
Add/Remove a logical switch
Modify control plane mode
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
13
Connect a logical switch to an NSX Edge gateway
Deploy services to a logical switch
Connect/Disconnect virtual machines
Test logical switch connectivity
Determine distributed virtual switch type and version for a given NSX implementation
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
NSX Manager
vSphere Web Client
Objective 5.2 – Configure VXLAN
Knowledge
Identify where to install and configure VXLAN
Identify physical network requirements
Prepare a cluster for VXLAN
Determine the appropriate teaming policy for a given implementation
Add/Edit/Expand/Contract transport zones
Prepare VXLAN Tunnel End Points (VTEPs) on clusters
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
NSX Manager
vSphere Web Client
Objective 5.3 – Configure and Manage Layer 2 Bridging
Knowledge
Identify High Availability requirements for Layer 2 Bridging
Add a Layer 2 Bridge to an NSX Edge device
Determine when Layer 2 Bridging would be required for a given NSX implementation
Determine when multiple Layer 2 Bridges are required for a given NSX implementation
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
14
NSX Manager
vSphere Web Client
Objective 5.4 – Configure and Manage Logical Routers
Knowledge
Describe and differentiate router interfaces
Determine controller and logical switch requirements for logical router deployment
Add a logical router
Configure distributed routing
Configure a management interface
Configure High Available for a logical router
Configure edge routing
Configure routing protocols o Static o OSPF o BGP o IS-IS
Configure default gateway
Add/Delete a static route
Determine if cross-protocol route sharing is needed for a given NSX implementation
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
NSX Manager
NSX CLI
vSphere Web Client
Section 6 – Configure and Manage NSX Network Services
Objective 6.1 – Configure and Manage Logical Load Balancing
Knowledge
Identify general ESXi host troubleshooting guidelines
Configure global load balancing configuration
Create a service monitor
Add/Edit/Delete a server pool
Add/Edit/Delete an application profile
Add/Edit/Delete virtual servers
Configure global server load balancing
Determine appropriate NSX Edge instance size based on load balancing requirements
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
15
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
HAProxy Configuration Manual
NSX Manager
vSphere Web Client
Objective 6.2 – Configure and Manage Logical Virtual Private Networks (VPN)
Knowledge
Configure IPSec VPN o Add/Edit/Disable IPSec VPN Service o Configure IPSec VPN parameters o Enable logging
Configure Layer 2 VPN o Enable Layer 2 VPN o Add Layer 2 VPN Client/Server o View Layer 2 VPN Statistics
Configure Network Access/Web Access SSL VPN-Plus o Edit Client Configurations o Edit General Settings o Edit Web Portal Designs o Add/Edit/Delete IP Pools o Enable/Disable IP Pools o Add/Edit/Delete Private Networks o Enable/Disable Private Networks o Add/Edit/Delete Installation Packages o Add/Edit/Delete Users o Add/Edit/Delete Login/Logoff script o Enable/Disable Login/Logoff script
Determine appropriate VPN service type for a given NSX implementation
Determine appropriate NSX Edge instance size based on load balancing requirements
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
NSX Manager
vSphere Web Client
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
16
Objective 6.3 – Configure and Manage DHCP/DNS/NAT
Knowledge
Add/Edit a DHCP IP pool
Enable a DHCP IP pool
Add/Edit DHCP static binding
Configure DNS services
Add Source NAT (SNAT) rule
Add Destination NAT (DNAT) rule
Tools
NSX Administration Guide
NSX Manager
vSphere Web Client
Objective 6.4 – Configure and Manage Edge Services High Availability
Knowledge
Describe NSX Edge High Availability
Explain Edge High Availability best practices
Describe service availability during an Edge High Availability failover
Differentiate NSX Edge High Availability and vSphere High Availability
Configure NSX Edge High Availability o Configure heartbeat settings o Configure management IP addresses
Modify and existing Edge High Availability deployment
Determine resource pool requirements for a given Edge High Availability configuration
Tools
NSX Administration Guide
NSX Manager
vSphere Web Client
Section 7 – Configure and Administer Network Security
Objective 7.1 – Configure and Administer Logical Firewall Services
Knowledge
Add/Edit/Delete an Edge Firewall rule
Configure Source/Destination/Service/Action rule components
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
17
Change the order of an Edge Firewall rule
Change the priority of an Edge Firewall rule
Tools
NSX Administration Guide
vSphere Web Client
Objective 7.2 – Configure Distributed Firewall Services
Knowledge
Differentiate between Layer 2 and Layer 3 rules
Differentiate between entity-based and identity-based rules
Identify firewall rule entities
Explain rule processing order
Explain rule segregation
Add/Delete a Distributed Firewall rule
Configure Source/Destination/Service/Action rule components
Change the order of a Distributed Firewall rule
Add/Merge/Delete a Distributed Firewall rule section
Determine publishing requirements for rules in a given NSX implementation
Import/Export Distributed Firewall Configuration
Load Distributed Firewall configuration
Determine need for excluding virtual machines from distributed firewall protection
Configure and manage SpoofGuard o Create a SpoofGuard policy o Approve IP addresses o Edit/Clear IP addresses
Tools
NSX Administration Guide
vSphere Web Client
Objective 7.3 – Configure and Manage Service Composer
Knowledge
Identify assets that can be used with a Security Group
Identify services contained in a Security Policy
Identify common Service Composer use cases
Differentiate Security Groups and Security Policies
Create/Edit a Security Group in Service Composer
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
18
Create/Edit/Delete a Security Policy
Map a Security Policy to a Security Group
Add/Edit/Delete a Security Tag
Assign and view a Security Tag
Tools
NSX Administration Guide
vSphere Web Client
Section 8 – Perform Operations Tasks in a VMware NSX Environment
Objective 8.1 – Configure Roles, Permissions, and Scopes
Knowledge
Identify default roles
Explain Single Sign-On (SSO) integration
Assign a role to a vCenter Server user
Assign objects to a user
Configure SSO
Enable/Disable a user account
Edit/Delete a user account
Tools
NSX Administration Guide
vSphere Web Client
Objective 8.2 – Describe NSX Automation
Knowledge
Identify API-only functionality
Explain how REST APIs work
Describe how to use the NSX API in a supported browser
Identify port requirements for the NSX API
Describe common use cases for VMware NSX API
Explain how to access the VMware NSX API
Modify an existing API workflow
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
19
Tools
NSX vSphere API Guide
NSX API
Objective 8.3 – Monitor a VMware NSX Implementation
Knowledge
Identify available monitoring methods (UI, CLI, API, etc.)
Monitor infrastructure components o Control Cluster Health o Manager Health o Hypervisor Health
Perform Inbound/Outbound activity monitoring
Enable data collection for single/multiple virtual machines
Perform virtual machine activity monitoring
Monitor activity between inventory containers (security groups, AD groups)
Analyze network and security metrics in vCOPS
Monitor logical networks and services o Identify available statistics/counters o Network/service health o Configure and collect data from network
Tools
NSX Administration Guide
NSX Command Line Interface Reference Guide
NSX Controller CLI
vSphere Web Client
vCenter Operations Manager (vCOPS)
Objective 8.4 – Perform Auditing and Compliance
Knowledge
Identify applicable logs for auditing
Identify permissions for auditing
Identify common data security regulations supported by NSX Data Security
Identify common file formats supported by NSX Data Security
Describe and differentiate information available in audit logs
Use flow monitoring to audit firewall rules
Audit deleted users
Audit infrastructure changes
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
20
View NSX Manager audit logs and change data
Configure NSX Data Security
Create a Data Security policy
Run a Data Security scan
View and download compliance reports
Create a regular expression
Tools
NSX Administration Guide
NSX Ticket Logger
vSphere Web Client
Objective 8.5 – Administer Logging
Knowledge
Identify content contained in technical support bundles
Identify where to locate component/service specific log information
Explain usage of CLI for logging
Configure Syslog(s)
Configure logging for Dynamic Routing information
Log Distributed Firewall rule processing information
Log Edge Firewall rule processing information
Log address translation information
Log VPN traffic
Configure basic/advanced Load Balancer logging
Log DHCP assignments
Log DNS resolutions
Log security policy session information
Download NSX Edge tech support logs
Generate NSX Manager tech support logs
Tools
NSX Administration Guide
NSX Command Line Interface Reference Guide
NSX Edge CLI
vSphere Web Client
Log Insight
Syslog
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
21
Objective 8.6 – Backup and Recover Configurations
Knowledge
Identify remote backup destinations
Explain how to backup and recover various components
Schedule backups
Export/Restore vSphere Distributed Switch configuration
Import/Export Service Composer profiles
Perform NSX Manager backup and restore operations
Tools
NSX Administration Guide
vSphere Web Client
Section 9 – Troubleshoot a VMware Network Virtualization Implementation
Objective 9.1 – Identify Tools Available for Troubleshooting
Knowledge
Identify filters available for packet capture
Capture and trace uplink, vmknic, and physical NIC packets
Identify and track NSX infrastructure changes
Output packet data for use by a protocol analyzer
Capture and analyze traffic flows
Mirror network traffic for analysis
Performa a network health check
Configure vSphere Distributed Switch alarms
Tools
NSX Administration Guide
vSphere Networking Guide
vSphere Command-Line Interface Concepts and Examples
vSphere Web Client
NSX Ticket Logger
ESXi Host CLI
pktcap-uw
Netflow
RSPAN/ERSPAN
VDS Health Check
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
22
Objective 9.2 – Troubleshoot Common NSX Installation/Configuration Issues
Knowledge
Identify ports required for NSX communication
Troubleshoot lookup service configuration
Troubleshoot vCenter Server link
Troubleshoot licensing issues
Troubleshoot permissions issues
Troubleshoot host preparation issues
Troubleshoot IP pool issues
Tools
NSX Installation and Upgrade Guide
NSX Administration Guide
NSX Command Line Interface Reference Guide
NSX Controller CLI
vSphere Web Client
Objective 9.3 – Troubleshoot Common NSX Component Issues
Knowledge
Differentiate NSX Edge logging and troubleshooting commands
Verify NSX Controller cluster status and roles
Verify NSX Controller node connectivity
Check NSX Controller API service
Validate VXLAN and Logical Router mapping tables
List Logical Router instances and statistics
Verify Logical Router interface and route mapping tables
Verify active controller connections
View Bridge instances and learned MAC addresses
Display Logical Router instances
Verify NSX Manager services status
View Logical Interfaces and routing tables
Analyze NSX Edge statistics
Tools
NSX Administration Guide
NSX Command Line Interface Reference Guide
NSX API Guide
NSX Controller CLI
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
23
NSX Edge CLI
NSX API
vSphere Web Client
VDS Health Check
net-dvr
Objective 9.4 – Troubleshoot Common Connectivity Issues
Knowledge
Review netcap logs for control plane connectivity issues
Verify VXLAN, VTEP, MAC, and ARP mapping tables
List VNI configuration
View VXLAN connection tables and statistics
Perform VTEP connectivity tests
Tools
NSX Administration Guide
NSX Command Line Interface Reference Guide
vSphere Command-Line Interface Concepts and Examples
NSX Controller CLI
vSphere Web Client
ESXi Host CLI
esxcli
Objective 9.5 – Troubleshoot Common vSphere Networking Issues
Knowledge
Verify network configuration
Verify a given virtual machine is configured with the correct network resources
Troubleshoot virtual switch and port group configuration issues
Troubleshoot physical network adapter configuration issues
Identify the root cause of a network issue based on troubleshooting information
Tools
vSphere Networking Guide
vSphere Troubleshooting Guide
vSphere Command-Line Interface Concepts and Examples
vSphere Web Client
vSphere Client
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
24
4. VCP-NV Paths and Course Requirement Options
4.1 VCP-NV Path Options
4.2 Course Requirement
In order to obtain the VCP-NV certification, you must attend the authorized VMware NSX: Install, Configure, Manage [V6.x] course. To determine if you can take this course, refer to the diagram in section 4.1.
VMware NSX: Install, Configure, Manage [V6.x]
A five-day, hands-on training course that explores installation, configuration and management of VMware® NSX™. NSX is a software networking and security virtualization platform that delivers the operational model of a virtual machine for the network. The course covers the following objectives:
• Describe the evolution of the Software-Defined Data Center • Describe how NSX is the next step in the evolution of the Software-Defined Data Center • Describe data center prerequisites for NSX deployment • Configure and deploy NSX components for management and control • Describe basic NSX layer 2 networking • Configure, deploy, and use logical switch networks • Configure and deploy NSX distributed router appliances to establish East-West connectivity • Configure and deploy VMware® NSX Edge™ services gateway appliances to establish North-South connectivity • Configure and use all main features of the NSX Edge services gateway • Configure NSX Edge firewall rules to restrict network traffic • Configure NSX distributed firewall rules to restrict network traffic • Use role-based access to control user account privileges • Use activity monitoring to determine whether a security policy is effective • Configure service composer policies
Copyright ©2014 VMware, Inc. All rights reserved. Use of any VMware Certified logo is restricted to individuals who have achieved the respective certification.
25
5. Additional Resources
5.1 Practice Exam
VMware provides a Practice exam for the VCP-NV Exam. The Practice exam contains sample questions, along with explanation for incorrect responses. The Practice exam presents 25 questions, drawn from a larger pool. The Practice exam pass score is set to 100%, and a candidate can retake the Practice exam as many times as desired until the 100% score is achieved. Please be advised that the pass score for the Practice exam is unrelated to the pass score for the actual exam. Refer to section 1.3 for the scoring information for the VCP-NV Exam.
The Practice exam is located at: http://mylearn.vmware.com/quiz.cfm?item=57466 .
5.2 VCP Community
VMware provides an online community for VCP candidates. This community contains valuable information from other candidates and senior VCPs, and is moderated by VMware certification staff. The community is located at: http://communities.vmware.com/community/vmtn/certedu/certification/vcp.
Version Date Change Notes
1.0 2014-07-08 Creation of VCP-NV Exam Blueprint