매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
VMware Avi Load Balancer 30.x Administrator 온라인 연습
최종 업데이트 시간: 2026년06월04일
당신은 온라인 연습 문제를 통해 VMware 6V0-22.25 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 6V0-22.25 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 45개의 시험 문제와 답을 포함하십시오.
정답:
Explanation:
Avi WAF supports several inspection methods, including signature-based protection, allow-list style controls, and Positive Security. Positive Security is more computationally expensive because it validates application behavior against learned or configured rules that define what is explicitly allowed. This requires deeper inspection and more rule evaluation than simply matching known attack signatures. Signature inspection generally compares requests against known malicious patterns, while Positive Security evaluates whether requests conform to permitted application behavior. VMware Avi WAF documentation describes Positive Security and learning as a deeper application security method. Because it performs more detailed validation of acceptable behavior, it consumes more processing resources than the other listed methods. Therefore, the most computationally expensive inspection method is Positive Security.
정답:
Explanation:
In Avi Load Balancer Elastic HA N+M mode, the Service Engine Group maintains a defined active scale and buffer capacity for redundancy and placement flexibility. VMware Avi documentation explains that in N+M mode, N represents the minimum number of Service Engines required for a Virtual Service, while M represents the spare or buffer capacity that Avi attempts to maintain across the Service Engine Group. This means N is related to the minimum active scale for the Virtual Service, not the total maximum number of Service Engines in the group, not the number of buffer Service Engines, and not the maximum number of Virtual Services per Service Engine. Therefore, the correct parameter for N is Minimum scale per Virtual Service.
정답:
Explanation:
The Virtual Service Analytics page provides different graph categories for traffic, connection, timing, and error visibility. VMware Avi documentation states that the Requests chart shows the number of responses to requests per second and breaks down successful requests versus errors, including 4xx and 5xx errors. This makes the Requests graph the appropriate place to view the rate of HTTP 5xx errors for a Virtual Service. The Conns graph is focused on connection counts and rates, while End-to-End Timing shows timing components such as client RTT, server RTT, application response, and data transfer. “HTTP Errors” may sound plausible, but in the Avi Virtual Service Analytics graph naming described here, 5xx rate visibility is included under Requests.
정답:
Explanation:
Avi upgrades can be performed with minimal disruption when Virtual Services have sufficient Service Engine redundancy. VMware Avi documentation for upgrades explains that upgrades are disruptive for Virtual Services running in Elastic HA N+M Buffer mode when the Virtual Service is placed on only one Service Engine and is not scaled out. The default Service Engine Group configuration commonly results in a Virtual Service being placed on a single active Service Engine unless it is manually or automatically scaled out. During a Service Engine upgrade, traffic can be interrupted if there is no additional active Service Engine already carrying that Virtual Service. Therefore, the most likely cause of the outage is that the Virtual Service was not scaled out.
정답:
Explanation:
Avi Network Security Policies are evaluated at the network-security layer and can be used for actions such as allowing, dropping, denying, rate limiting, and applying rules based on client characteristics such as IP reputation or geolocation. Blocking selected countries is supported through geolocation-based matching, and IP reputation is also a supported security capability in Avi. Rate limiting is a valid Network Security Policy action. Botnet Detection, however, is not configured through a Network Security Policy. Bot detection and bot management are part of Avi’s WAF and bot-management security features, associated with application-layer HTTP security rather than the network security policy object. Therefore, the function that cannot be configured through a Network Security Policy is Botnet Detection.
정답:
Explanation:
Avi Load Balancer health score is a composite metric that considers several dimensions, including performance, resources, anomalies, and security. VMware Avi documentation for the Analytics Profile states that constrained resources increase the resource penalty score, and examples include CPU, memory, or disk utilization of a Service Engine or a server. In this scenario, users are not experiencing application issues, so the performance score may remain normal. However, the Service Engine hosting the Virtual Service has high memory utilization, which is explicitly a resource constraint. Because resource constraints are reflected as a resource penalty, the Virtual Service health score can be affected even when users have not yet noticed symptoms. Therefore, the correct impact is that the Resource Penalty will be increased.
정답:
Explanation:
In Avi Load Balancer architecture, the Controller provides management, control-plane functions, configuration, analytics coordination, and automation, while the Service Engines provide the distributed data plane. Virtual Services advertise a Virtual IP address and one or more ports, but the traffic is actually processed by Service Engines. Broadcom documentation describes the Avi Service Engine as being programmed by the Avi Controller to advertise Virtual IP addresses. This means the VIP is not hosted directly by the API server, the Controller cluster, or a single Controller node. Those components manage and configure the system, but client traffic to the VIP is received and processed by the Service Engine data plane. Therefore, the architectural component that hosts Virtual IP addresses is the Service Engine.
정답:
Explanation:
Avi Load Balancer health score includes multiple penalty categories, including security penalties. VMware Avi documentation for SSL certificate expiration explains that a certificate approaching expiry can reduce the Virtual Service health score. Specifically, when a certificate is within 30 days of expiration, Avi applies a 20-point security penalty to the Virtual Service, which caps the maximum health score at 80. This exactly matches the question’s stated Security Penalty of -20. CPU utilization on the Service Engine would align more closely with a resource or performance impact, not a certificate-related security penalty. A health monitor protocol mismatch could mark servers down, but it does not correspond to the documented -20 SSL certificate security penalty.
정답:
Explanation:
The Basic Setup mode is intended for common Virtual Service creation tasks, such as defining the application type and adding pool servers. Advanced Setup exposes the full Virtual Service configuration through multiple tabs and allows administrators to configure more detailed options that are not presented in the simplified workflow. VMware Avi documentation states that creating a Virtual Service in Advanced Setup allows configuration of all options through the different tabs. Analytics settings, including selecting or customizing analytics behavior for the Virtual Service, are advanced Virtual Service properties. By contrast, adding servers and choosing HTTPS are standard creation tasks, and adding a DNS name is not the key reason to require Advanced Setup in this question. Therefore, Advanced Setup is required for specifying analytics settings.
정답:
Explanation:
VMware Avi Load Balancer supports HTTP-to-HTTPS redirection in more than one way. The HTTP application profile can perform a general HTTP-to-HTTPS redirect, but an HTTP Policy provides more granular control because policies can match on specific conditions and then apply actions. Avi documentation states that Virtual Service policies are more specific than general-purpose profiles and that policy rules take precedence over profile behavior. This makes HTTP Policy redirection more flexible than using only the HTTP profile, because administrators can build conditional redirect logic based on host, path, headers, or other HTTP match criteria. It is not incompatible with WAF, and it is not described as less efficient than DataScript for this purpose.
정답:
Explanation:
The TCP Proxy Profile controls TCP behavior for a Virtual Service when Avi terminates the client TCP connection and opens a separate server-side TCP connection. VMware Avi documentation states that the TCP proxy terminates client connections, processes traffic, and then establishes a connection to the destination server. The Custom TCP Proxy Profile mode is used when administrators need to manually configure TCP proxy settings rather than use predefined system defaults. A valid reason to use this mode is to change TCP timeout behavior, including the idle duration timeout. Rate limiting is generally handled by policy or security controls, disabling SNAT is configured through network service or preserve-client-IP-related settings, and exposing destination port to the application is not the standard reason for selecting TCP Proxy Custom mode in this question.
정답:
Explanation:
Avi Load Balancer Virtual Service policies allow administrators to customize how traffic is processed at different stages. VMware Avi documentation describes Virtual Service policies as supporting advanced customization for network-layer security, HTTP security, HTTP requests, and HTTP responses. For serving a static page when a matching condition is met, the action must occur while processing the incoming HTTP request, before the request is forwarded to a backend pool. An HTTP Request Policy can match request conditions and take actions such as redirecting, switching pools, or sending a local response. A Custom Error Page is used for Avi-generated error responses, an HTTP
Response Policy acts on the response path, and a Network Security Policy operates at a lower network/security layer. Therefore, the correct policy object is HTTP Request Policy.
정답:
Explanation:
The default Avi Load Balancer behavior for impending SSL/TLS certificate expiration includes visible operational indicators in the UI and health score impact. VMware Avi documentation explains that certificates approaching expiration affect the Virtual Service by applying a security penalty. At 30 days before expiration, the Virtual Service incurs a 20-point security penalty and the maximum health score is capped at 80. The certificates page also provides visual indication of certificate status using color changes as certificates approach expiration. Email and SNMP alerting require notification or external integration configuration, so they are not the default mechanisms. A top red UI banner is not the standard default certificate-expiry alerting mechanism described for this case. Therefore, the correct default mechanisms are health score security penalty and SSL certificate color status indicators.
정답:
Explanation:
Avi Load Balancer has built-in certificate-expiration visibility. VMware Avi documentation states that when a certificate approaches expiration, the related Virtual Service can receive a security penalty; for example, at 30 days before expiration the Virtual Service incurs a 20-point security penalty, which caps the health score at 80. The UI also changes certificate status indicators as expiration approaches, and system events are generated at expiration thresholds such as 30 days, 7 days, and 1 day. Email notifications, however, depend on administrator notification settings and email configuration. Because email delivery requires additional configuration and is not simply enabled by default for administrators, the non-default method listed is sending emails before expiration.
정답:
Explanation:
Avi Load Balancer supports client logging through Virtual Service analytics and client log filters. Client log filters are specifically designed to capture selected traffic, such as traffic from a chosen client IP address or matching log conditions. DataScripts can also write custom log data; VMware Avi DataScript documentation describes log-related functions and examples for creating local logs with custom data. HTTP policies can affect request and response processing and can be used with logging and analytics workflows. However, Custom Alert Config is for alert generation based on events or conditions; it is not a mechanism for creating custom client log entries. Therefore, the option that cannot be used to create custom client logs is Custom Alert Config.