Which two choices are use cases for Distributed Intrusion Detection? (Choose two.)
Distributed Intrusion Detection is primarily concerned with identifying security vulnerabilities and taking actions to mitigate them. Quarantining workloads based on vulnerabilities is a direct application of this capability, as it involves isolating potentially compromised systems. Identifying security vulnerabilities in the workloads is another critical use case, as it allows for proactive measures to be taken to secure the network. These actions align with the core functionalities of Distributed Intrusion Detection systems.
B & D is the answer. Refer to the previous version of the exam...
I think that it is CD. The objective of NSX Intrusion Detection and Prevention Service (IDS/IPS) is to monitor network traffic on the hosts and edges for malicious activity by comparing the traffic against a known set of signatures. The objective of NSX Malware Prevention is to extract files from the network traffic on the hosts and edges and analyze these files for malicious behavior. https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-69DF70C2-1769-4858-97E7-B757CAED08F0.html
B. Gain insight about micro-segmentation traffic flows: Distributed Intrusion Detection in NSX can monitor and analyze traffic flows within micro-segmented networks. Micro-segmentation divides the network into smaller segments to enhance security. Distributed Intrusion Detection helps gain insights into these segmented traffic flows, ensuring that communication between different segments is secure and free from intrusions. D. Use agentless antivirus with Guest introspection: Distributed Intrusion Detection on NSX allows for agentless antivirus solutions through Guest Introspection. This means antivirus scanning can be done without installing any additional agents on individual virtual machines. Distributed Intrusion Detection helps in detecting any malicious activity or threats within these virtual machines, providing security without compromising performance.