VMware 2V0-621D Exam Practice Questions (P. 3)
- Full Access (245 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #11
Which two methods are recommended for managing the VMware Directory Service? (Choose two.)
- AUtilize the vmdir command.
- BManage through the vSphere Web Client.
- CManage using the VMware Directory Service.
- DUtilize the dc rep command.
Correct Answer:
AB
To manage VMware directory service, you can use vmdir command and vsphere web client. VMware directory service is always managed using vmdir command which is specifically used for directory services.
AB
To manage VMware directory service, you can use vmdir command and vsphere web client. VMware directory service is always managed using vmdir command which is specifically used for directory services.
send
light_mode
delete
Question #12
What are two sample roles that are provided with vCenter Server by default? (Choose three.)
- AVirtual machine User
- BNetwork Administrator
- CContent Library Administrator
- DStorage Administrator
Correct Answer:
ABC
Out of the box VMware vCenter provides several default roles (that cannot be deleted nor modified) as well as several sample roles (which can be deleted and modified):
Administrator -
Read-Only -
No Access -
Tagging Admin -
Resource Pool Administrator (sample)
Virtual Machine User (sample)
VMware Consolidated Backup User (sample)
Datastore Consumer (sample)
Network Administrator (sample)
Virtual Machine Power User (sample)
Content Library Administrator (sample)
Reference: http://www.virtuallanger.com/2015/05/26/vcp-6-objective-1-1configure-administer-role-based-access-control/
ABC
Out of the box VMware vCenter provides several default roles (that cannot be deleted nor modified) as well as several sample roles (which can be deleted and modified):
Administrator -
Read-Only -
No Access -
Tagging Admin -
Resource Pool Administrator (sample)
Virtual Machine User (sample)
VMware Consolidated Backup User (sample)
Datastore Consumer (sample)
Network Administrator (sample)
Virtual Machine Power User (sample)
Content Library Administrator (sample)
Reference: http://www.virtuallanger.com/2015/05/26/vcp-6-objective-1-1configure-administer-role-based-access-control/
send
light_mode
delete
Question #13
An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:
✑ Replace the Root Certificate
✑ Replace Machine Certificates (Intermediate CA)
Which two steps would need to be performed next? (Choose two.)
✑ Replace the Root Certificate
✑ Replace Machine Certificates (Intermediate CA)
Which two steps would need to be performed next? (Choose two.)
- AReplace Solution User Certificates (Intermediate CA)
- BReplace the VMware Directory Service Certificate (Intermediate CA)
- CReplace the VMware Directory Service Certificate
- DReplace Solution User Certificates
Correct Answer:
AC
You can replace the VMCA root certificate with a third-party CA-signed certificate that includes VMCA in the certificate chain. Going forward, all certificates that
VMCA generates include the full chain. You can replace existing certificates with newly generated certificates. This approach combines the security of third-party
CA-signed certificate with the convenience of automated certificate management.
Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-
5BB38D479AE0.html
AC
You can replace the VMCA root certificate with a third-party CA-signed certificate that includes VMCA in the certificate chain. Going forward, all certificates that
VMCA generates include the full chain. You can replace existing certificates with newly generated certificates. This approach combines the security of third-party
CA-signed certificate with the convenience of automated certificate management.
Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-
5BB38D479AE0.html
send
light_mode
delete
Question #14
Which three options are available for ESXi Certificate Replacement? (Choose three.)
- AVMware Certificate Authority mode
- BCustom Certificate Authority mode
- CThumbprint mode
- DHybrid Deployment
- EVMware Certificate Endpoint Authority Mode
Correct Answer:
ABC
You can perform different types of certificate replacement depending on company policy and requirements for the system that you are configuring. You can perform each replacement with the vSphere Certificate Manager utility or manually by using the CLIs included with your installation.
VMCA is included in each Platform Services Controller and in each embedded deployment. VMCA provisions each node, each vCenter Server solution user, and each ESXi host with a certificate that is signed by VMCA as the certificate authority. vCenter Server solution users are groups of vCenter Server services. See vSphere Security for a list of solution users.
You can replace the default certificates. For vCenter Server components, you can use a set of command-line tools included in your installation. You have several options.
Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-4469A6D3-048A-471C-9CB4-
518A15EA2AC0.html
ABC
You can perform different types of certificate replacement depending on company policy and requirements for the system that you are configuring. You can perform each replacement with the vSphere Certificate Manager utility or manually by using the CLIs included with your installation.
VMCA is included in each Platform Services Controller and in each embedded deployment. VMCA provisions each node, each vCenter Server solution user, and each ESXi host with a certificate that is signed by VMCA as the certificate authority. vCenter Server solution users are groups of vCenter Server services. See vSphere Security for a list of solution users.
You can replace the default certificates. For vCenter Server components, you can use a set of command-line tools included in your installation. You have several options.
Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-4469A6D3-048A-471C-9CB4-
518A15EA2AC0.html
send
light_mode
delete
Question #15
Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).
Which two statements are true given this configuration? (Choose two.)
Which two statements are true given this configuration? (Choose two.)
- AA user granted administrative privileges in the Exception User list can login.
- BA user defined in the DCUI.Access without administrative privileges can login.
- CA user defined in the ESXi Admins domain group can login.
- DA user set to the vCenter Administrator role can login.
Correct Answer:
AB
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-46DF-9319-
F8991839D265.html
AB
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-46DF-9319-
F8991839D265.html
send
light_mode
delete
All Pages