VMware 2V0-621 Exam Practice Questions (P. 3)
Question #11
Which two methods are recommended for managing the VMware Directory Service? (Choose two.)
- A. Utilize the vmdir command.
- B. Manage through the vSphere Web Client.
- C. Manage using the VMware Directory Service.
- D. Utilize the dc rep command.
Correct Answer:
AB
A) dir-cli Command Reference:
The dir-cli utility allows you to create and update solution users, create other user accounts, and manage certificates and passwords in vmdir. (Link to the vmdir commands: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-4FBEA58E-9492-409B-B584-C18477F041D8.html)
B) Directory service associated with the vsphere.local domain. This service is a multi-tenanted, multi-mastered directory service that makes an LDAP directory available on port 11711. In multisite mode, an update of VMware Directory Service content in one VMware Directory Service instance results in the automatic update of the VMware Directory Service instances associated with all other vCenter Single Sign-On nodes via vSphere Web Client.
Question #12
What are two sample roles that are provided with vCenter Server by default? (Choose two.)
- A. Virtual machine User
- B. Network Consumer
- C. Content Library Administrator
- D. Storage Administrator
Correct Answer:
AB

Reference:
http://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/managing_users_groups_roles_and_permissions/r_default_roles_for_esx_esxi_and_vcenter_server.html
Question #13
Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)
- A. CIM Server
- B. Single Sign-On
- C. Direct Console UI
- D. Syslog Server
- E. vSphere Web Access
Correct Answer:
ACD


Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-37AB1F95-DDFD-4A5D-BD49-3249386FFADE.html
Question #14
An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:
✑ Replace the Root Certificate
✑ Replace Machine Certificates (Intermediate CA)
Which two steps would need to be performed next? (Choose two.)
- A. Replace Solution User Certificates (Intermediate CA)
- B. Replace the VMware Directory Service Certificate (Intermediate CA)
- C. Replace the VMware Directory Service Certificate
- D. Replace Solution User Certificates
Correct Answer:
AC
Use VMCA as an Intermediate Certificate Authority
You can replace the VMCA root certificate with a third-party CA-signed certificate that includes VMCA in the certificate chain. Going forward, all certificates that VMCA generates include the full chain. You can replace existing certificates with newly generated certificates. This approach combines the security of a third-party CA-signed certificate with the convenience of automated certificate management.
Procedure:
- Replace the Root Certificate (Intermediate CA): The first step in replacing the VMCA certificates with custom certificates is generating a CSR and adding the certificate that is returned to VMCA as a root certificate.
- Replace Machine SSL Certificates (Intermediate CA): After you have received the signed certificate from the CA and made it the VMCA root certificate, you can replace all machine SSL certificates.
- Replace Solution User Certificates (Intermediate CA): After you replace the machine SSL certificates, you can replace the solution user certificates.
- Replace the VMware Directory Service Certificate: If you decide to use a new VMCA root certificate, and you unpublish the VMCA root certificate that was used when you provisioned your environment, you must replace the machine SSL certificates, solution user certificates, and certificates for some internal services.
- Replace the VMware Directory Service Certificate in Mixed Mode Environments: During upgrade, your environment might temporarily include both vCenter Single Sign-On version 5.5 and vCenter Single Sign-On version 6.0. In that case, you have to perform additional steps to replace the VMware Directory Service SSL certificate if you replace the SSL certificate of the node on which the vCenter Single Sign-On service is running.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-5BB38D479AE0.html
Question #15
Which three options are available for ESXi Certificate Replacement? (Choose three.)
- A. VMware Certificate Authority mode
- B. Custom Certificate Authority mode
- C. Thumbprint mode
- D. Hybrid Deployment
- E. VMware Certificate Endpoint Authority Mode
Correct Answer:
ABC
ESXi Certificate Replacement:
For ESXi hosts, you can change certificate provisioning behavior from the vSphere Web Client.

Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-4469A6D3-048A-471C-9CB4-518A15EA2AC0.html