VMware Certified Professional 6 Data Center Virtualization Delta Beta Exam v8.0

Page:    1 / 16   
Exam contains 240 questions

An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned for administrative access to the host.
Which two conditions should be considered when planning this configuration? (Choose two.)

  • A. If administrative access for ESX Admins is not required, this setting can be altered.
  • B. The users in ESX Admins are not restricted by Lockdown Mode.
  • C. An ESXi host provisioned with Auto Deploy cannot store AD credentials.
  • D. The users in ESX Admins are granted administrative privileges in vCenter Server.


Answer : A,C

Explanation:
The setting can be altered if administrative access for ESX admins is not required. The second rule is that the ESX admins users should not be restricted by Lockdown mode.

Which two roles can be modified? (Choose two.)

  • A. Administrator
  • B. Network Administrator
  • C. Datastore Consumer
  • D. Read-Only


Answer : B,C

Explanation:
It is a common knowledge that you cannot modify Administrator role and grant whatever privileges you like. Same is the case with read-only. This role is created solely for ready only purposes. So you are left with two viable options Network administrator and
Datastore consumer both of which can be modified to add or delete privileges according to your specifications.

When attempting to log in with the vSphere Web Client, users have reported the error:

Incorrect Username/Password -
The administrator has configured the Platform Services Controller Identity Source as:
-> Type. Active Directory as an LDAP Server
-> Domain: vmware.com
-> Alias: VMWARE
-> Default Domain: Yes
Which two statements would explain why users cannot login to the vSphere Web Client?
(Choose two.)

  • A. Users are typing the password incorrectly.
  • B. Users are in a forest that has 1-way trust.
  • C. Users are in a forest that has 2-way trust.
  • D. Users are logging into vCenter Server with incorrect permissions.


Answer : A,B

Explanation:
The possible explanation for this error might be that the users are typing password incorrectly or they are in a forest with has only 1-way trust. You need 2-way trust to get the credentials accepted.

An administrator wishes to give a user the ability to manage snapshots for virtual machines.
Which privilege does the administrator need to assign to the user?

  • A. Datastore.Allocate Space
  • B. Virtual machine.Configuration.create snapshot
  • C. Virtual machine.Configuration.manage snapshot
  • D. Datastore.Browse Datastore


Answer : A

Explanation:
Datastore.Allocate space allows allocating space on a datastore for a virtual machine, snapshot, clone, or virtual disk.
Reference: https://pubs.vmware.com/vsphere-
51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-B2426ACC-D73F-
4732-8BBC-DE9B1B2263D9.html

Which Platform Service Controller Password Policy determines the number of days a password can exist before the user must change it?

  • A. Maximum Lifetime
  • B. Password Age
  • C. Maximum Days
  • D. Password Lifetime


Answer : A

Explanation:
You can configure the following parameters for password policy:
-> Description – Password policy description. Required.
-> Maximum lifetime – Maximum number of days that a password can exist before it has to be changed.
-> Restrict re-use – Number of the user’s previous passwords that cannot be set again.
-> Maximum length – Maximum number of characters that are allowed in the password.
-> Minimum length – Minimum number of characters required in the password.
-> Character requirements – Minimum number of different character types required in the password.
-> Identical adjacent characters – Maximum number of identical adjacent characters allowed in the password.
Reference: http://www.vladan.fr/vcp6-dcv-objective-1-3-enable-sso-and-active-directory- integration/

Which three Authorization types are valid in vSphere? (Choose three.)

  • A. Group Membership in vsphere.local
  • B. Global
  • C. Forest
  • D. vCenter Server
  • E. Group Membership in system-domain


Answer : A,B,D

Explanation:
Sphere 6.0 and later allows privileged users to give other users permissions to perform tasks in the following ways. These approaches are, for the most part, mutually exclusive; however, you can assign use global permissions to authorize certain users for all solution, and local vCenter Server permissions to authorize other users for individual vCenter Server systems. vCenter ServerPermissions
The permission model for vCenter Server systems relies on assigning permissions to objects in the object hierarchy of thatvCenter Server. Each permission gives one user or group a set of privileges, that is, a role for a selected object. For example, you can select an ESXi host and assign a role to a group of users to give those users the corresponding privileges on that host.

Global Permissions -
Global permissions are applied to a global root object that spans solutions. For example, if both vCenter Server and vCenter Orchestrator are installed, you can give permissions to all objects in both object hierarchies using global permissions.
Global permissions are replicated across the vsphere.local domain. Global permissions to not provide authorization for services managed through vsphere.local groups. See Global
Permissions.
Group Membership in vsphere.local Groups
The user [email protected] can perform tasks that are associated with services included with the Platform Services Controller. In addition, members of a vsphere.local group can perform the corresponding task. For example, you can perform license management if you are a member of the LicenseService.Administrators group. See Groups in the vsphere.local Domain.
Reference: http://pubs.vmware.com/vsphere-
60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-74F53189-EF41-
4AC1-A78E-D25621855800.html

An administrator decides to change the root password for an ESXi 6.x host to comply with the company's security policies.
What are two ways that this can be accomplished? (Choose two.)

  • A. Use the Direct Console User Interface to change the password.
  • B. Use the passwd command in the ESXi Shell.
  • C. Use the password command in the ESXi Shell.
  • D. Use the vSphere client to update local users.


Answer : A,B

Explanation:
To prevent unauthorized access to the vCenter Server Appliance Direct Console User
Interface, you can change the password of the root user.
The default root password for the vCenter Server Appliance is the password you enter during deployment of the virtual appliance.
Reference: http://pubs.vmware.com/vsphere-
60/index.jsp?topic=%2Fcom.vmware.vsphere.vcsa.doc%2FGUID-48BAF973-4FD3-4FF3-

B1B6-5F7286C9B59A.html -

Which three options are available for replacing vCenter Server Security Certificates?
(Choose three.)

  • A. Replace with Certificates signed by the VMware Certificate Authority.
  • B. Make VMware Certificate Authority an Intermediate Certificate Authority.
  • C. Do not use VMware Certificate Authority, provision your own Certificates.
  • D. Use SSL Thumbprint mode.
  • E. Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.


Answer : A,B,C

Explanation:
There are three options for replace vCenter server security certificates. You can replace it with certificates signed by VMware certificate authority; you can make the VMCA an intermediate certificate authority. Likewise, you can provision your own certificates.

Strict Lockdown Mode has been enabled on an ESXi host.
Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?

  • A. Grant the users the administrator role and enable the service.
  • B. Add the users to Exception Users and enable the service.
  • C. No action can be taken, Strict Lockdown Mode prevents direct access.
  • D. Add the users to vsphere.local and enable the service.


Answer : B

Reference: https://pubs.vmware.com/vsphere-
60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-
46DF-9319-F8991839D265.html

Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?

  • A. VimPasswordExpirationInDays
  • B. VimExpirationPasswordDays
  • C. VimPassExpirationInDays
  • D. VimPasswordRefreshDays


Answer : A

Explanation:
vCenter Server creates the vpxuser account on each ESX/ESXi host that it manages. The password for each vpxuser account is auto-generated when an ESX/ESXi host is added.
The password is updated by default every 30 days.
To modify default password settings:
-> Connect vSphere Client to vCenter Server.
-> Click Administration > vCenter Server Settings > Advanced Settings.
-> Scroll to the parameter VirtualCenter.VimPasswordExpirationInDays and change the value from the default.
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC
&externalId=1016736

Which three connection types are supported between a remote site and vCloud Air?
(Choose three.)

  • A. Secure Internet Connectivity
  • B. Private Connect
  • C. Direct Connect
  • D. Internet Connectivity
  • E. Secure VPN


Answer : A,C,E

Explanation:
The connection types supported between a remote site and vcloud Air is secure VPN, direct connect and Secure Internet Connectivity.
Topic 2, Configure and Administer Advanced vSphere Networking

A common root user account has been configured for a group of ESXi 6.x hosts.
Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)

  • A. Remove the root user account from the ESXi host.
  • B. Set a complex password for the root account and limit its use.
  • C. Use ESXi Active Directory capabilities to assign users the administrator role.
  • D. Use Lockdown mode to restrict root account access.


Answer : B,C

Explanation:
To address the security risks, yo need to set a complex password for the root account and make sure only authorized personnel use it. The second step is to use ESXi active directory to assign the administrator role to users.

Which two features are deprecated in Network I/O Control 3 (NIOC3)? (Choose two.)

  • A. Class Of Service (COS) Tagging
  • B. Bandwidth Allocation
  • C. User-defined network resource pools
  • D. Admission control


Answer : A,C

Explanation:
Class of Service tagging and user-defined resource pools are deprecated in NIOC3.

An administrator runs the command esxcli storage core device list and sees the following output: mpx.vmhba1:C0:T0:L0 Display Name: RAID 5 (mpx.vmhba1:C0:T0:L0) Has Settable
Display Name: false SizE. 40960 Device Type: Direct-Access Multipath Plugin: NMP Devfs
Path: /vmfs/devices/disks/mpx.vmhba1:C0:T0:L0 Status: off Is Local: true
What can be determined by this output?

  • A. The device is a being used for vFlash Read Cache.
  • B. The device is in a Permanent Device Loss (PDL) state.
  • C. The device is a local Solid State Device (SSD).
  • D. The device is in an All Paths Down (APD) state.


Answer : B

Reference: http://vmwaremine.com/2014/07/07/manage-psa-claimrules-satp-rules- esxcli/#sthash.i6Esax8x.dpbs

Which two statements are true regarding iSCSI adapters? (Choose two.)

  • A. Software iSCSI adapters require vmkernel networking.
  • B. Independent Hardware iSCSI adapters offload processing from the ESXi host.
  • C. Dependent Hardware iSCSI adapters do not require vmkernel networking.
  • D. Independent Hardware iSCSI adapters require vmkernel networking.


Answer : A,B

Explanation:
An independent hardware iSCSI adapter is a specialized third-party adapter capable of accessing iSCSI storage over TCP/IP. This iSCSI adapter handles all iSCSI and network processing and management for your ESXi system.
Software and dependent hardware iSCSI adapters depend on VMkernel networking. If you use the software or dependent hardware iSCSI adapters, you must configure connections for the traffic between the iSCSI component and the physical network adapters.
Reference: http://pubs.vmware.com/vsphere-
51/index.jsp#com.vmware.vsphere.storage.doc/GUID-9BC0BA74-EAE4-4816-BD49-

E5214920AB4B.html -

Page:    1 / 16   
Exam contains 240 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.