🚀 Launch Special: $29/mo for life --d --h --m --s Claim Your Price →
1V0-41.20
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

Notify me
1V0-41.20 VMware/Broadcom Coming Soon

1V04120 NV Associate (1V0-41.20)

VMware Certified Technical Associate – Network Virtualization (1V0-41.20) teaches fundamentals of SDN, NSX architecture, logical switching, routing, and security, enabling learners to design and manage virtual networks in VMware environments.

135
Minutes
51
Questions
300/500
Passing Score
$250
Exam Cost

Who Should Take This

It is ideal for network engineers, system administrators, or IT professionals who have basic knowledge of VMware vSphere and seek to expand into software‑defined networking. These learners aim to validate their ability to implement NSX logical switching, routing, and security services, preparing them for entry‑level virtualization roles.

What's Covered

1 Domain 1: SDN and NSX Overview
2 Domain 2: NSX Architecture
3 Domain 3: Logical Switching
4 Domain 4: Logical Routing
5 Domain 5: NSX Security
6 Domain 6: NSX Services
7 Domain 7: NSX Integration and Use Cases

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

63 learning goals
1 Domain 1: SDN and NSX Overview
2 topics

Software-Defined Networking

  • Identify SDN principles: control/data plane separation, centralized management, network programmability, and infrastructure abstraction.
  • Describe how network virtualization decouples network services from physical hardware creating virtual networks as software constructs.
  • Explain benefits of network virtualization: agility, micro-segmentation, multi-tenancy, consistent operations, and reduced provisioning time.
  • Differentiate between overlay networks (VXLAN, Geneve) and traditional VLANs and identify scenarios where each approach is optimal.
  • Analyze a network modernization scenario and determine whether SDN overlay or traditional VLAN approach better satisfies stated requirements.

NSX Product Capabilities

  • Identify NSX capabilities: logical switching, distributed routing, distributed firewall, gateway firewall, load balancing, VPN, and IDS/IPS.
  • Describe how NSX integrates with vSphere, Kubernetes, and public clouds for consistent networking and security across environments.
  • Explain NSX's role as the networking and security layer in VMware Cloud Foundation for software-defined data center infrastructure.
  • Analyze a scenario requiring specific network services and identify which NSX capability addresses the switching, routing, security, or services need.
2 Domain 2: NSX Architecture
2 topics

Management and Control Planes

  • Identify NSX Manager as the centralized management plane providing API, UI, and policy engine for all NSX networking and security services.
  • Describe the NSX Manager cluster: three manager nodes, virtual IP, Corfu distributed datastore, and the controller role within the cluster.
  • Explain how the Central Control Plane distributes logical topology, routing tables, and firewall rules to transport nodes via management channels.
  • Explain NSX policy mode versus manager mode differences in API structure, object hierarchy, and recommended configuration approach.
  • Analyze the impact of NSX Manager node failure on network operations, configuration changes, and datapath continuity in headless mode.

Data Plane and Transport

  • Identify data plane components: N-VDS, transport nodes (host and edge), tunnel endpoints (TEPs), and uplink profiles.
  • Describe transport zones as scope boundaries for logical networks and differentiate overlay from VLAN transport zones.
  • Explain how transport node profiles automate host preparation including N-VDS creation, TEP IP pool assignment, and uplink mapping.
  • Configure transport node preparation for an ESXi cluster selecting transport zone, uplink profile, and TEP IP assignment method.
  • Analyze a multi-cluster transport zone design and determine the appropriate overlay/VLAN zone assignments and TEP networking configuration.
3 Domain 3: Logical Switching
2 topics

Segments and Overlays

  • Identify NSX segments as Layer 2 broadcast domains spanning multiple hosts using Geneve overlay encapsulation or VLAN backing.
  • Describe Geneve encapsulation creating tunnels between TEPs to extend Layer 2 connectivity across the physical routed underlay.
  • Explain segment profiles: MAC discovery, IP discovery, SpoofGuard, segment security, and QoS and their effect on segment behavior.
  • Configure an NSX overlay segment with subnet, gateway, DHCP configuration, and segment profile assignments for application workloads.
  • Analyze a segment connectivity issue using ARP tables, TEP tunnel status, and segment profiles to identify the root cause.

Bridging and VLAN Integration

  • Identify NSX edge bridging for connecting overlay segments to physical VLAN networks during migration and legacy integration.
  • Describe VLAN-backed segments for management traffic, edge uplinks, and physical server connectivity where overlay is not used.
  • Explain Layer 2 bridging use cases: V2V migration, physical-to-virtual connectivity, and disaster recovery site extension scenarios.
  • Analyze a physical-virtual integration scenario and determine whether bridging, VLAN segment, or routing provides optimal connectivity.
4 Domain 4: Logical Routing
2 topics

Tier-0 and Tier-1 Gateways

  • Identify the two-tier routing model: Tier-0 for north-south external connectivity and Tier-1 for east-west tenant routing.
  • Describe Tier-0 capabilities: BGP, OSPF, static routes, ECMP, route maps, prefix lists, and HA modes (Active-Active, Active-Standby).
  • Explain Tier-1 gateway distributed routing, stateful services (NAT, DHCP, DNS), and service router placement on edge nodes.
  • Configure a routing topology with Tier-0 BGP peering to physical routers and Tier-1 gateways serving application segments.
  • Analyze a routing design and determine appropriate gateway placement, route redistribution, ECMP settings, and failover configuration.

Edge Nodes

  • Identify Edge nodes as appliances hosting centralized services: NAT, VPN, load balancing, and north-south routing.
  • Describe Edge deployment form factors (small, medium, large, xlarge VM; bare metal) and sizing for different throughput needs.
  • Explain Edge cluster redundancy through active-standby or active-active members and stateful service failover behavior.
  • Analyze an Edge cluster sizing scenario and determine appropriate form factor, cluster size, and failover mode for throughput and HA requirements.
5 Domain 5: NSX Security
2 topics

Distributed Firewall

  • Identify the Distributed Firewall (DFW) as a kernel-level stateful Layer 4-7 firewall enforcing micro-segmentation at the vNIC level.
  • Describe DFW rule structure: source, destination, service/port, action (allow/drop/reject), applied-to scope, and section-based rule ordering.
  • Explain how groups (security groups) based on tags, IP sets, segments, and dynamic membership criteria simplify DFW rule management.
  • Configure DFW rules implementing a three-tier micro-segmentation policy isolating web, application, and database workloads.
  • Analyze a security scenario and determine the optimal DFW policy hierarchy, group definitions, and rule ordering for zero-trust enforcement.

Gateway Firewall and Advanced Security

  • Identify the Gateway Firewall on edge nodes for north-south perimeter filtering distinct from the distributed east-west firewall.
  • Describe NSX advanced security: Distributed IDS/IPS, URL filtering, TLS inspection, malware prevention, and Network Detection and Response.
  • Explain how security tags enable context-aware dynamic rules that automatically adapt when workloads are created, migrated, or decommissioned.
  • Analyze a comprehensive scenario requiring east-west and north-south protection and recommend integrated DFW and Gateway Firewall policies.
6 Domain 6: NSX Services
2 topics

Network Services

  • Identify NSX gateway services: NAT (SNAT, DNAT, reflexive), DHCP server/relay, DNS forwarding, IPsec VPN, and L2 VPN.
  • Describe NSX load balancing: Layer 4/Layer 7 virtual servers, server pools, health monitors, persistence profiles, and SSL offloading.
  • Explain how to configure IPsec VPN tunnels between NSX edge gateways and remote sites for encrypted site-to-site connectivity.
  • Analyze a network services requirement and determine the appropriate NAT, VPN, DHCP, or load balancer configuration on NSX gateways.

Monitoring and Troubleshooting

  • Identify NSX monitoring tools: Manager dashboard, system alarms, port mirroring, IPFIX flow export, syslog, and packet capture.
  • Describe Traceflow for injecting synthetic packets to verify paths through logical switches, routers, and firewalls for connectivity validation.
  • Explain how to use Edge CLI, central CLI, and support bundles to troubleshoot routing, NAT, VPN, and service issues.
  • Explain how IPFIX flow data and port mirroring enable traffic analysis and integration with third-party network monitoring platforms.
  • Analyze a connectivity failure using Traceflow results, firewall hit counts, and routing tables to isolate and resolve the network issue.
7 Domain 7: NSX Integration and Use Cases
2 topics

VMware Cloud Foundation Networking

  • Identify NSX's role in VCF providing automated network provisioning, workload domain networking, and management domain connectivity.
  • Describe how SDDC Manager automates NSX deployment, configuration, and lifecycle management within VMware Cloud Foundation environments.
  • Explain how NSX provides networking for vSphere with Tanzu including Kubernetes pod networking, load balancer services, and ingress routing.
  • Analyze a VCF networking scenario and determine the appropriate NSX segment, gateway, and firewall configuration for workload domains.

Multi-Cloud Networking

  • Identify NSX multi-cloud capabilities: VMware Cloud on AWS networking, NSX federation for multi-site, and HCX network extension.
  • Describe how NSX federation extends consistent networking and security policies across multiple NSX Manager instances in different locations.
  • Explain how HCX network extension stretches Layer 2 segments between on-premises and cloud sites enabling seamless workload mobility.
  • Analyze a multi-site networking scenario and recommend the appropriate combination of federation, HCX, and VPN for cross-site connectivity.

Scope

Included Topics

  • Network virtualization concepts, SDN fundamentals, VMware NSX architecture, logical switching, logical routing, distributed firewall, gateway services, and monitoring aligned to VCTA-NV.
  • NSX Manager, transport zones, segments, Tier-0/Tier-1 gateways, edge nodes, micro-segmentation, NAT, VPN, load balancing, Traceflow, and IPFIX.

Not Covered

  • Advanced NSX federation, multi-site design, and policy optimization at VCP/VCAP depth.
  • NSX API programming and Terraform provider usage.
  • Physical network design and vendor-specific switch configurations.

Official Exam Page

Learn more at VMware/Broadcom

Visit

1V0-41.20 is coming soon

Adaptive learning that maps your knowledge and closes your gaps.

Create Free Account to Be Notified

Trademark Notice

VMware® and all VMware certification names are registered trademarks of VMware, Inc. (a subsidiary of Broadcom). VMware does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.