An administrator wants to upgrade to vCenter Server 6.x.The vCenter Server:- Is hosted on a virtual machine server running Microsoft Windows Server 2008 R2, with 8 vCPUs and16GB RAM.- Will have an embedded Platform Services Controller.- Hosts a Large Environment with 1,000 ESXi hosts and 10,000 Virtual Machines.Why does the vCenter Server not meet the minimum requirements?

The virtual machine has insufficient resources for the environment size.

Windows Server 2008 R2 is not a supported Operating System for vCenter Server

The virtual machine has insufficient resources for the environment size.

The environment is too large to be managed by a single vCenter Server.

The Platform Services Controller must be changed to an External deployment.

An administrator is upgrading a vCenter Server Appliance and wants to ensure that all the prerequisitesare met.What action must be taken before upgrading the vCenter Server Appliance?

Install the Client Integration Plug-in.

Install the Update Manager Plug-in.

An administrator is able to manage an ESXi 6.x host connected to vCenter Server using the vSphere WebClient but is unable to connect to the host directly.Which action should the administrator take to correct this behavior?

Disable Lockdown Mode on the ESXi host through vCenter Server.

Restart management agents on the ESXi host.

Disable Lockdown Mode on the ESXi host through vCenter Server.

Disable the ESXi firewall with the command esxcli network firewall unload.

An administrator has migrated a vCenter Server Appliance from version 5.5 to version 6.x.During the migration, the administrator selected DHCP for the appliance and obtained a hostname fromthe DHCP server.The administrator adjusts the hostname after the migration and uses a static IP and hostname.What should the administrator do immediately after this change to prevent service failures?

Regenerate the SSL certificates.

Re-register components to Single Sign-On.

Execute the command services.restart vmware-vpxd.

An administrator wants to clone a virtual machine using the vSphere Client.Which explains why the Clone option is missing?

The vSphere Client is directly connected to the ESXi host

The virtual machine is configured with a thin-provisioned virtual disk.

The virtual machine is configured with outdated Virtual Hardware.

Cloning can only be performed with vRealize Orchestrator.

What will occur if the .nvram file is deleted from a powered off virtual machine?

The .nvram file will get created the next time the virtual machine is powered on.

Restoring the file from backup is needed to allow the virtual machine to power on.

The virtual machine will fail to power on and enter an Orphaned state.

The virtual machine will fail to power on and enter an Inaccessible state.

An administrator tries to connect the vSphere 5.5 Client to an ESXi 6.x host.What will happen when this takes place?

The operation will prompt the administrator to run a script to upgrade the vSphere Client.

The operation will fail, since the vSphere Client is deprecated in vSphere 6.x.

The operation will fail and the administrator will need to delete the client and install the 6.x version.

The operation will prompt the administrator to run a script to upgrade the vSphere Client.

The operation will update the vSphere Client silentl

An administrator wants to provide users restricted access. The users should only be able to perform thefollowing tasks:- Create and consolidate virtual machine snapshots- Add/Remove virtual disks- Snapshot ManagementWhich default role in vCenter Server would meet the administrator's requirements for the users?

Virtual Datacenter administrator

VMware Consolidated Backup user

Strict Lockdown Mode has been enabled on an ESXi host.Which action should an administrator perform to allow ESXi Shell or SSH access for users withadministrator privileges?

Add the users to Exception Users and enable the service.

Grant the users the administrator role and enable the service.

Add the users to Exception Users and enable the service.

No action can be taken, Strict Lockdown Mode prevents direct access.

Add the users to vsphere.local and enable the service.

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:-Minimum of 21 characters-Minimum of 2 wordsWhich advanced options must be set to allow this passphrase configuration to be used?

retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2

retry=3 min=disabled, disabled, 7, 21, 7 passphrase=2

retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2

retry=3 min=disabled, disabled, 2, 21, 7

retry=3 min=disabled, disabled, 21, 21, 2

Which group in the vsphere.local domain will have administrator privileges for the VMware CertificateAuthority (VMCA)?

SystemConfiguration.Administrators

An administrator is performing a silent automatic update of VMware Tools on a Windows virtual machine.What syntax needs to be entered into the Advanced Options box?

/s /v "/qn" /l "c:\Windows\filename.log"

--prefix=/usr/local,/usr/lib,/usr/doc --silent

--prefix=c:\Windows,c:\VMtools --silent

/fs /v "/qn+" /l "c:\Windows\filename.log"

Which two methods are recommended for managing the VMware Directory Service? (Choose two.)

Manage through the vSphere Web Client

Manage using the VMware Directory Service.

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate CertificateAuthority (CA). The first two steps performed are:- Replace the Root Certificate- Replace Machine Certificates (Intermediate CA)Which two steps would need to be performed next? (Choose two.)

Replace Solution User Certificates (Intermediate CA)

Replace the VMware Directory Service Certificate

Replace Solution User Certificates (Intermediate CA)

Replace the VMware Directory Service Certificate (Intermediate CA)

Replace the VMware Directory Service Certificate

Replace Solution User Certificates

Which three options are available for ESXi Certificate Replacement? (Choose three.)

VMware Certificate Authority mode

Custom Certificate Authority mode

VMware Certificate Authority mode

Custom Certificate Authority mode

VMware Certificate Endpoint Authority Mode

Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

Replace with Certificates signed by the VMware Certificate Authority.

Make VMware Certificate Authority an Intermediate Certificate Authority.

Do not use VMware Certificate Authority, provision your own Certificates.

Replace with Certificates signed by the VMware Certificate Authority.

Make VMware Certificate Authority an Intermediate Certificate Authority.

Do not use VMware Certificate Authority, provision your own Certificates.

Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.

Vcp Data Center (2v0-621-mod-1-4)

Approved & Edited by ProProfs Editorial Team

At ProProfs Quizzes, our dedicated in-house team of experts takes pride in their work. With a sharp eye for detail, they meticulously review each quiz. This ensures that every quiz, taken by over 100 million users, meets our standards of accuracy, clarity, and engagement.

Learn about Our Editorial Process

| Written by Prakash Pathak

Prakash Pathak

Community Contributor

Quizzes Created: 1 | Total Attempts: 128

Questions: 44 | Attempts: 128 | Updated: Mar 22, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Questions and Answers

1.

Write text here
2.

Which Advanced Setting should be created for the vCenter Server to change the expiration policy of thevpxuser password?
- A.
  
  VimPasswordExpirationInDays
- B.
  
  VimExpirationPasswordDays
- C.
  
  VimPassExpirationInDays
- D.
  
  VimPasswordRefreshDays
Correct Answer
A. VimPasswordExpirationInDays

Explanation
The correct answer is "VimPasswordExpirationInDays". This advanced setting should be created for the vCenter Server to change the expiration policy of the vpxuser password. This setting allows administrators to specify the number of days after which the vpxuser password will expire and need to be changed. By setting this value, administrators can enhance the security of the vCenter Server by ensuring that passwords are regularly updated.

Rate this question:
3.

Which Platform Service Controller Password Policy determines the number of days a password can existbefore the user must change it?
- A.
  
  Maximum Lifetime
- B.
  
  Maximum Days
- C.
  
  Password Age
- D.
  
  Password Lifetime
Correct Answer
A. Maximum Lifetime

Explanation
The correct answer is "Maximum Lifetime". The Maximum Lifetime password policy determines the number of days a password can exist before the user is required to change it. This policy helps ensure the security of user accounts by enforcing regular password changes and reducing the risk of unauthorized access.

Rate this question:
4.

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy andwants to define the time skew tolerance between a client and the domain controller clock.Which time measurement is used for the value?
- A.
  
  Milliseconds
- B.
  
  Seconds
- C.
  
  Minutes
- D.
  
  Hours
Correct Answer
A. Milliseconds

Explanation
The administrator is configuring the clock tolerance for the Single Sign-On token configuration policy. They want to define the time skew tolerance between a client and the domain controller clock. The time measurement used for the value is milliseconds.

Rate this question:
5.

An administrator wants to upgrade to vCenter Server 6.x.The vCenter Server:- Is hosted on a virtual machine server running Microsoft Windows Server 2008 R2, with 8 vCPUs and16GB RAM.- Will have an embedded Platform Services Controller.- Hosts a Large Environment with 1,000 ESXi hosts and 10,000 Virtual Machines.Why does the vCenter Server not meet the minimum requirements?
- A.
  
  Windows Server 2008 R2 is not a supported Operating System for vCenter Server
- B.
  
  The virtual machine has insufficient resources for the environment size.
- C.
  
  The environment is too large to be managed by a single vCenter Server.
- D.
  
  The Platform Services Controller must be changed to an External deployment.
Correct Answer
B. The virtual machine has insufficient resources for the environment size.

Explanation
The virtual machine server running Windows Server 2008 R2 with 8 vCPUs and 16GB RAM does not meet the minimum requirements because it does not have enough resources to handle the large environment with 1,000 ESXi hosts and 10,000 Virtual Machines. To effectively manage such a large environment, the vCenter Server would need more CPU and RAM resources.

Rate this question:
6.

An administrator is upgrading a vCenter Server Appliance and wants to ensure that all the prerequisitesare met.What action must be taken before upgrading the vCenter Server Appliance?
- A.
  
  Install the Client Integration Plug-in.
- B.
  
  Install the database client.
- C.
  
  Install the ODBC connector.
- D.
  
  Install the Update Manager Plug-in.
Correct Answer
A. Install the Client Integration Plug-in.

Explanation
Before upgrading the vCenter Server Appliance, the administrator must install the Client Integration Plug-in. This plug-in is required for the vCenter Server Appliance upgrade process as it provides the necessary functionality for tasks such as deploying OVF templates, transferring files, and accessing the vSphere Web Client. Without the Client Integration Plug-in, the upgrade process may encounter issues or fail to complete successfully. Therefore, it is essential to have this plug-in installed to ensure all the prerequisites are met for the vCenter Server Appliance upgrade.

Rate this question:
7.

An administrator is able to manage an ESXi 6.x host connected to vCenter Server using the vSphere WebClient but is unable to connect to the host directly.Which action should the administrator take to correct this behavior?
- A.
  
  Restart management agents on the ESXi host.
- B.
  
  Disable Lockdown Mode on the ESXi host through vCenter Server.
- C.
  
  Disable the ESXi firewall with the command esxcli network firewall unload.
- D.
  
  Reboot the ESXi host.
Correct Answer
B. Disable Lockdown Mode on the ESXi host through vCenter Server.

Explanation
To correct the behavior of being unable to connect to the ESXi host directly, the administrator should disable Lockdown Mode on the ESXi host through vCenter Server. Lockdown Mode restricts access to the host directly and only allows management through vCenter Server. By disabling Lockdown Mode, the administrator will regain the ability to manage the host directly using the vSphere WebClient.

Rate this question:
8.

An administrator has migrated a vCenter Server Appliance from version 5.5 to version 6.x.During the migration, the administrator selected DHCP for the appliance and obtained a hostname fromthe DHCP server.The administrator adjusts the hostname after the migration and uses a static IP and hostname.What should the administrator do immediately after this change to prevent service failures?
- A.
  
  Regenerate the SSL certificates.
- B.
  
  Re-register components to Single Sign-On.
- C.
  
  Update the /etc/hosts file.
- D.
  
  Execute the command services.restart vmware-vpxd.
Correct Answer
A. Regenerate the SSL certificates.
9.

Which password meets ESXi 6.x host password requirements?
- A.
  
  8kMVnn2x!
- B.
  
  ZNgtnJBA2
- C.
  
  Nvgt34kn44
- D.
  
  b74wr
Correct Answer
A. 8kMVnn2x!

Explanation
The password "8kMVnn2x!" meets ESXi 6.x host password requirements because it is a combination of uppercase and lowercase letters, numbers, and special characters. It also has a minimum length of 8 characters, which is a common requirement for strong passwords.

Rate this question:
10.

An administrator is building a large virtual machine that will require as many vCPUs as the host cansupport. An ESXi 6.x host has these specifications: - Six 32-core Intel Xeon Processors - 256 GB of Memory - 512 GB Local disk space using VMFS5 What is the maximum number of virtual CPUs that the virtual machine can be allocated?
- A.
  
  64
- B.
  
  192
- C.
  
  128
- D.
  
  256
Correct Answer
C. 128

Explanation
The maximum number of virtual CPUs that the virtual machine can be allocated is 128. This is because the host has six 32-core processors, which means a total of 192 cores. However, ESXi reserves some cores for system use, so not all 192 cores can be allocated to virtual machines. Typically, ESXi reserves 1 core per socket, so in this case, 6 cores would be reserved. Therefore, the maximum number of virtual CPUs that can be allocated is 192 - 6 = 186. However, ESXi also has a limit of 128 virtual CPUs per virtual machine, so the maximum number of virtual CPUs that can be allocated is 128.

Rate this question:
11.

An administrator connects to an ESXi 6.x host console in order to shutdown the host.Which option in the Direct Console User Interface would perform this task?
- A.
  
  Press the F12 key
- B.
  
  Press the F2 key
- C.
  
  Press Alt + F1 simultaneously
- D.
  
  Press Alt + F2 simultaneously
Correct Answer
A. Press the F12 key

Explanation
Pressing the F12 key in the Direct Console User Interface (DCUI) of an ESXi 6.x host would perform the task of shutting down the host. This key is typically used to initiate a graceful shutdown of the host, allowing all virtual machines and services to be properly stopped before the host powers off.

Rate this question:
12.

An administrator wants to clone a virtual machine using the vSphere Client.Which explains why the Clone option is missing?
- A.
  
  The vSphere Client is directly connected to the ESXi host
- B.
  
  The virtual machine is configured with a thin-provisioned virtual disk.
- C.
  
  The virtual machine is configured with outdated Virtual Hardware.
- D.
  
  Cloning can only be performed with vRealize Orchestrator.
Correct Answer
A. The vSphere Client is directly connected to the ESXi host

Explanation
The Clone option is missing because the vSphere Client is directly connected to the ESXi host. This means that the vSphere Client does not have access to the necessary features and functionalities required for cloning a virtual machine. To perform cloning, the vSphere Client needs to be connected to vCenter Server, which provides the necessary management and control capabilities.

Rate this question:
13.

What will occur if the .nvram file is deleted from a powered off virtual machine?
- A.
  
  The .nvram file will get created the next time the virtual machine is powered on.
- B.
  
  Restoring the file from backup is needed to allow the virtual machine to power on.
- C.
  
  The virtual machine will fail to power on and enter an Orphaned state.
- D.
  
  The virtual machine will fail to power on and enter an Inaccessible state.
Correct Answer
A. The .nvram file will get created the next time the virtual machine is powered on.

Explanation
If the .nvram file is deleted from a powered off virtual machine, the file will be automatically created the next time the virtual machine is powered on.

Rate this question:
14.

An administrator tries to connect the vSphere 5.5 Client to an ESXi 6.x host.What will happen when this takes place?
- A.
  
  The operation will fail, since the vSphere Client is deprecated in vSphere 6.x.
- B.
  
  The operation will fail and the administrator will need to delete the client and install the 6.x version.
- C.
  
  The operation will prompt the administrator to run a script to upgrade the vSphere Client.
- D.
  
  The operation will update the vSphere Client silentl
Correct Answer
C. The operation will prompt the administrator to run a script to upgrade the vSphere Client.

Explanation
When an administrator tries to connect the vSphere 5.5 Client to an ESXi 6.x host, the operation will prompt the administrator to run a script to upgrade the vSphere Client. This means that the current version of the vSphere Client is not compatible with the ESXi 6.x host, and the administrator will be prompted to upgrade the client using a script.

Rate this question:
15.

What is the minimum Virtual Hardware version required for vFlash Read Cache?
- A.
  
  Version 8
- B.
  
  Version 9
- C.
  
  Version 10
- D.
  
  Version 11
Correct Answer
C. Version 10

Explanation
The minimum Virtual Hardware version required for vFlash Read Cache is Version 10. This means that in order to use vFlash Read Cache, the virtual machine must be running on at least Virtual Hardware version 10.

Rate this question:
16.

An administrator wants to provide users restricted access. The users should only be able to perform thefollowing tasks:- Create and consolidate virtual machine snapshots- Add/Remove virtual disks- Snapshot ManagementWhich default role in vCenter Server would meet the administrator's requirements for the users?
- A.
  
  Virtual machine user
- B.
  
  Virtual machine power user
- C.
  
  Virtual Datacenter administrator
- D.
  
  VMware Consolidated Backup user
Correct Answer
B. Virtual machine power user

Explanation
The virtual machine power user role in vCenter Server would meet the administrator's requirements for the users. This role allows users to create and consolidate virtual machine snapshots, as well as add/remove virtual disks. It also includes the ability to perform snapshot management tasks. This role provides the necessary level of access and control for the specified tasks, without granting full administrative privileges.

Rate this question:
17.

Strict Lockdown Mode has been enabled on an ESXi host.Which action should an administrator perform to allow ESXi Shell or SSH access for users withadministrator privileges?
- A.
  
  Grant the users the administrator role and enable the service.
- B.
  
  Add the users to Exception Users and enable the service.
- C.
  
  No action can be taken, Strict Lockdown Mode prevents direct access.
- D.
  
  Add the users to vsphere.local and enable the service.
Correct Answer
B. Add the users to Exception Users and enable the service.

Explanation
To allow ESXi Shell or SSH access for users with administrator privileges in Strict Lockdown Mode, the administrator should add the users to Exception Users and enable the service. This will exempt the specified users from the restrictions imposed by Strict Lockdown Mode and allow them to access the ESXi Shell or SSH. Granting the users the administrator role alone will not be sufficient as Strict Lockdown Mode prevents direct access, so the exception needs to be added to bypass this restriction. Adding the users to vsphere.local and enabling the service is not the correct action in this scenario.

Rate this question:
18.

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:-Minimum of 21 characters-Minimum of 2 wordsWhich advanced options must be set to allow this passphrase configuration to be used?
- A.
  
  Retry=3 min=disabled, disabled, 7, 21, 7 passphrase=2
- B.
  
  Retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2
- C.
  
  Retry=3 min=disabled, disabled, 2, 21, 7
- D.
  
  Retry=3 min=disabled, disabled, 21, 21, 2
Correct Answer
B. Retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2

Explanation
The correct answer is "retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2". This is because the passphrase must have a minimum of 21 characters and a minimum of 2 words. The "retry=3" option specifies that the user can retry the passphrase 3 times before being locked out. The "min=disabled" option disables the use of a minimum passphrase length. The "21, 7, 7" values specify the minimum number of uppercase letters, lowercase letters, and numbers required in the passphrase. The "passphrase=2" option allows the use of a passphrase.

Rate this question:
19.

Which group in the vsphere.local domain will have administrator privileges for the VMware CertificateAuthority (VMCA)?
- A.
  
  SolutionUsers
- B.
  
  CAAdmins
- C.
  
  DCAAdmins
- D.
  
  SystemConfiguration.Administrators
Correct Answer
B. CAAdmins

Explanation
CAAdmins group in the vsphere.local domain will have administrator privileges for the VMware Certificate Authority (VMCA). This group is specifically designed to manage and administer the VMCA, including tasks such as issuing and revoking certificates, configuring certificate policies, and managing certificate trust. The other groups mentioned, such as SolutionUsers, DCAAdmins, and SystemConfiguration.Administrators, do not have the same level of privileges and responsibilities as the CAAdmins group in relation to the VMCA.

Rate this question:
20.

An administrator is performing a silent automatic update of VMware Tools on a Windows virtual machine.What syntax needs to be entered into the Advanced Options box?
- A.
  
  /s /v "/qn" /l "c:\Windows\filename.log"
- B.
  
  --prefix=/usr/local,/usr/lib,/usr/doc --silent
- C.
  
  --prefix=c:\Windows,c:\VMtools --silent
- D.
  
  /fs /v "/qn+" /l "c:\Windows\filename.log"
Correct Answer
A. /s /v "/qn" /l "c:\Windows\filename.log"

Explanation
The correct answer is "/s /v "/qn" /l "c:\Windows\filename.log". This syntax is used to perform a silent automatic update of VMware Tools on a Windows virtual machine. The "/s" option is used to run the installer silently, the "/v" option is used to pass command line parameters to the installer, "/qn" is a parameter that specifies a silent installation with no user interface, and "/l" is used to specify the log file location. The log file will be saved in the "c:\Windows" directory with the name "filename.log".

Rate this question:
21.

Which two methods are recommended for managing the VMware Directory Service? (Choose two.)
- A.
  
  Utilize the vmdir command.
- B.
  
  Manage through the vSphere Web Client
- C.
  
  Manage using the VMware Directory Service.
- D.
  
  Utilize the dc rep command.
Correct Answer(s)
A. Utilize the vmdir command.
B. Manage through the vSphere Web Client

Explanation
The vmdir command is recommended for managing the VMware Directory Service as it allows for direct management and configuration of the directory service. Managing through the vSphere Web Client is also recommended as it provides a user-friendly interface for managing various VMware services, including the Directory Service.

Rate this question:
22.

What are two sample roles that are provided with vCenter Server by default? (Choose two.)
- A.
  
  Virtual machine User
- B.
  
  Network Administrator
- C.
  
  Content Library Administrator
- D.
  
  Storage Administrator
Correct Answer(s)
A. Virtual machine User
B. Network Administrator

Explanation
vCenter Server is a management platform for VMware virtualization environments. It provides various roles with different levels of access and permissions. The "Virtual machine User" role is one of the default roles that allows users to interact with virtual machines, perform basic tasks, and view their own virtual machines. The "Network Administrator" role is another default role that grants users permissions to manage and configure network settings within the vCenter Server environment. These two roles are provided by default to ensure that users have the necessary access and control over virtual machines and network configurations.

Rate this question:
23.

Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)
- A.
  
  CIM Server
- B.
  
  Single Sign-On
- C.
  
  Direct Console UI
- D.
  
  Syslog Server
- E.
  
  VSphere Web Access
Correct Answer(s)
A. CIM Server
C. Direct Console UI
D. Syslog Server

Explanation
The CIM Server service can be enabled/disabled in the Security Profile for an ESXi host. This service provides management and monitoring capabilities for the host. The Direct Console UI service can also be enabled/disabled, which allows administrators to access the host's console directly. Lastly, the Syslog Server service can be enabled/disabled, which allows the host to send log messages to a remote syslog server for centralized logging and analysis.

Rate this question:
24.

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate CertificateAuthority (CA). The first two steps performed are:- Replace the Root Certificate- Replace Machine Certificates (Intermediate CA)Which two steps would need to be performed next? (Choose two.)
- A.
  
  Replace Solution User Certificates (Intermediate CA)
- B.
  
  Replace the VMware Directory Service Certificate (Intermediate CA)
- C.
  
  Replace the VMware Directory Service Certificate
- D.
  
  Replace Solution User Certificates
Correct Answer(s)
A. Replace Solution User Certificates (Intermediate CA)
C. Replace the VMware Directory Service Certificate

Explanation
The next two steps that need to be performed are to replace the Solution User Certificates (Intermediate CA) and to replace the VMware Directory Service Certificate. These steps are necessary in order to fully utilize the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). By replacing the Solution User Certificates, the administrator ensures that all user certificates are updated and compatible with the VMCA. Similarly, by replacing the VMware Directory Service Certificate, the administrator ensures that the directory service is also updated and compatible with the VMCA.

Rate this question:
25.

Which three options are available for ESXi Certificate Replacement? (Choose three.)
- A.
  
  VMware Certificate Authority mode
- B.
  
  Custom Certificate Authority mode
- C.
  
  Thumbprint mode
- D.
  
  Hybrid Deployment
- E.
  
  VMware Certificate Endpoint Authority Mode
Correct Answer(s)
A. VMware Certificate Authority mode
B. Custom Certificate Authority mode
C. Thumbprint mode

Explanation
The three options available for ESXi Certificate Replacement are VMware Certificate Authority mode, Custom Certificate Authority mode, and Thumbprint mode. VMware Certificate Authority mode allows the ESXi host to obtain a certificate from a VMware Certificate Authority. Custom Certificate Authority mode allows the ESXi host to obtain a certificate from a custom Certificate Authority. Thumbprint mode allows the ESXi host to replace the certificate with a certificate that has a specific thumbprint. These options provide flexibility in managing and replacing certificates in ESXi environments.

Rate this question:
26.

Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)
- A.
  
  Replace with Certificates signed by the VMware Certificate Authority.
- B.
  
  Make VMware Certificate Authority an Intermediate Certificate Authority.
- C.
  
  Do not use VMware Certificate Authority, provision your own Certificates.
- D.
  
  Use SSL Thumbprint mode.
- E.
  
  Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.
Correct Answer(s)
A. Replace with Certificates signed by the VMware Certificate Authority.
B. Make VMware Certificate Authority an Intermediate Certificate Authority.
C. Do not use VMware Certificate Authority, provision your own Certificates.

Explanation
The three options available for replacing vCenter Server Security Certificates are:
1. Replace with Certificates signed by the VMware Certificate Authority: This option involves obtaining new certificates from the VMware Certificate Authority and replacing the existing ones.
2. Make VMware Certificate Authority an Intermediate Certificate Authority: This option allows the VMware Certificate Authority to issue certificates that can be used by other certificate authorities.
3. Do not use VMware Certificate Authority, provision your own Certificates: This option involves using certificates from a different certificate authority or generating self-signed certificates instead of using the VMware Certificate Authority.

Rate this question:
27.

When attempting to log in with the vSphere Web Client, users have reported the error:Incorrect Username/PasswordThe administrator has configured the Platform Services Controller Identity Source as:- Type. Active Directory as an LDAP Server- Domain: vmware.com- Alias: VMWARE- Default Domain: YesWhich two statements would explain why users cannot login to the vSphere Web Client? (Choose two.)
- A.
  
  Users are typing the password incorrectly.
- B.
  
  Users are in a forest that has 1-way trust
- C.
  
  Users are in a forest that has 2-way trust.
- D.
  
  Users are logging into vCenter Server with incorrect permissions.
Correct Answer(s)
A. Users are typing the password incorrectly.
B. Users are in a forest that has 1-way trust

Explanation
The first statement suggests that users might be typing the password incorrectly, which could be the reason for the login error. The second statement suggests that users might be in a forest that has a one-way trust, which means that the identity source (Active Directory) does not trust the vSphere Web Client. This lack of trust could prevent users from logging in successfully.

Rate this question:
28.

An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newlydeployed vCenter Server Appliance (VCSA).Which two actions will accomplish this? (Choose two.)
- A.
  
  Use a Service Principal Name (SPN) to configure the Identity Source
- B.
  
  Use a Domain administrator to configure the Identity Source.
- C.
  
  Join the VCSA to Active Directory and configure the Identity Source with a Machine Account.
- D.
  
  Create a computer account in Active Directory for the VCSA and configure the Identity Source.
Correct Answer(s)
A. Use a Service Principal Name (SPN) to configure the Identity Source
C. Join the VCSA to Active Directory and configure the Identity Source with a Machine Account.
29.

Which two vCenter Server services are migrated automatically as part of an upgrade from a DistributedvCenter Server running 5.x? (Choose two.)
- A.
  
  VCenter Single Sign-on Service
- B.
  
  VSphere Web Client
- C.
  
  VSphere Inventory Service
- D.
  
  Storage Policy Based Management
Correct Answer(s)
B. VSphere Web Client
C. VSphere Inventory Service

Explanation
As part of an upgrade from a Distributed vCenter Server running 5.x, the vSphere Web Client and vSphere Inventory Service are migrated automatically. The vSphere Web Client is a user interface for managing vCenter Server and allows for the management of virtual machines, hosts, and other resources. The vSphere Inventory Service provides a consolidated view of virtual machine inventory across multiple vCenter Server instances. These two services are essential components of vCenter Server and are necessary for its proper functioning.

Rate this question:
30.

Which three ports are used by the vSphere Web Client when connecting directly to an ESXi 6.x host?(Choose three.)
- A.
  
  443 TCP
- B.
  
  902 TCP and UDP
- C.
  
  903 TCP
- D.
  
  5480 TCP
- E.
  
  9443 TCP and UDP
Correct Answer(s)
A. 443 TCP
B. 902 TCP and UDP
C. 903 TCP

Explanation
The vSphere Web Client uses three ports when connecting directly to an ESXi 6.x host. Port 443 TCP is used for HTTPS communication, allowing secure access to the ESXi host. Port 902 TCP and UDP are used for communication between the vSphere Web Client and the ESXi host's management agents. Port 903 TCP is used for communication between the vSphere Web Client and the ESXi host's hostd agent. These ports are essential for establishing a connection and managing the ESXi host through the vSphere Web Client.

Rate this question:
31.

An administrator wants to allow users to login to the vSphere Web Client using the Use Windows sessionauthentication check box for faster authentication.Which three requirements must be met for this feature to be available and functional? (Choose three.)
- A.
  
  Install the vSphere Web Client Integration browser plug-in on the vCenter Server and Platform Services Controller machines.
- B.
  
  Install the vSphere Web Client Integration browser plug-in on each workstation from where a user will sign in.
- C.
  
  The users must be signed into Windows using Active Directory user accounts.
- D.
  
  The administrator must create a valid Identity Source in Single Sign-On for the users domain.
- E.
  
  The administrator must create a valid Single Sign-On Identity Source using Integrated Windows Authentication.
Correct Answer(s)
B. Install the vSphere Web Client Integration browser plug-in on each workstation from where a user will sign in.
C. The users must be signed into Windows using Active Directory user accounts.
D. The administrator must create a valid Identity Source in Single Sign-On for the users domain.

Explanation
In order for users to login to the vSphere Web Client using the Use Windows session authentication check box, three requirements must be met. First, the vSphere Web Client Integration browser plug-in must be installed on each workstation from where a user will sign in. Second, the users must be signed into Windows using Active Directory user accounts. Finally, the administrator must create a valid Identity Source in Single Sign-On for the users' domain. These three requirements ensure that the feature is available and functional for users to authenticate using their Windows session.

Rate this question:
32.

An administrator notices that the time on an ESXi 6.x host is incorrect.Which two actions should the administrator take to correct this issue? (Choose two.)
- A.
  
  Modify the time for the host using the vSphere client.
- B.
  
  Correct the NTP settings in the /etc/ntp.conf file.
- C.
  
  Configure NTP from the Direct Console User Interface
- D.
  
  Use the vicfg-ntp command from the vSphere Management Appliance.
Correct Answer(s)
A. Modify the time for the host using the vSphere client.
B. Correct the NTP settings in the /etc/ntp.conf file.

Explanation
The administrator should first modify the time for the host using the vSphere client. This can be done by accessing the vSphere client, selecting the host, and navigating to the Configure tab, where the time settings can be adjusted. Secondly, the administrator should correct the NTP settings in the /etc/ntp.conf file. This file contains the configuration settings for the NTP (Network Time Protocol) service, and by making the necessary corrections, the host's time can be synchronized accurately.

Rate this question:
33.

An administrator is troubleshooting a virtual machine that has unexpectedly powered off.Which two logs should be used to troubleshoot the issue? (Choose two.)
- A.
  
  Vmware.log
- B.
  
  Hostd.log
- C.
  
  Syslog.log
- D.
  
  Shell.log
Correct Answer(s)
A. Vmware.log
B. Hostd.log

Explanation
To troubleshoot a virtual machine that has unexpectedly powered off, the administrator should refer to the vmware.log and hostd.log. The vmware.log contains detailed information about the virtual machine's activity, including any errors or warnings that may have occurred. The hostd.log, on the other hand, provides logs specific to the ESXi host, which can help identify any host-related issues that may have caused the virtual machine to power off. By analyzing these two logs, the administrator can gain insights into the possible causes of the unexpected power-off and take appropriate actions to resolve the issue.

Rate this question:
34.

What are two ways to view the DNS settings for an ESXi 6.x host? (Choose two.)
- A.
  
  Use the vicfg-dns command from the vSphere Management Appliance.
- B.
  
  View the /etc/resolv.conf file on the ESXi host.
- C.
  
  Use vicfg-dns command on the ESXi host.
- D.
  
  View the /etc/dns.conf file on the ESXi host.
Correct Answer(s)
A. Use the vicfg-dns command from the vSphere Management Appliance.
B. View the /etc/resolv.conf file on the ESXi host.

Explanation
The correct answer is to use the vicfg-dns command from the vSphere Management Appliance and to view the /etc/resolv.conf file on the ESXi host. These are two ways to view the DNS settings for an ESXi 6.x host. The vicfg-dns command can be used through the vSphere Management Appliance to configure and view DNS settings, while the /etc/resolv.conf file on the ESXi host contains the DNS configuration information that can be viewed directly.

Rate this question:
35.

Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into theDirect Console User Interface (DCUI).Which two statements are true given this configuration? (Choose two.)
- A.
  
  A user granted administrative privileges in the Exception User list can login.
- B.
  
  A user defined in the DCUI.Access without administrative privileges can login.
- C.
  
  A user defined in the ESXi Admins domain group can login.
- D.
  
  A user set to the vCenter Administrator role can login.
Correct Answer(s)
A. A user granted administrative privileges in the Exception User list can login.
B. A user defined in the DCUI.Access without administrative privileges can login.

Explanation
When Lockdown Mode is enabled on an ESXi 6.x host, it restricts users from logging into the Direct Console User Interface (DCUI). However, there are two exceptions to this restriction. Firstly, a user who has been granted administrative privileges in the Exception User list can still login. Secondly, a user who is defined in the DCUI.Access without administrative privileges can also login. Therefore, both of these statements are true given this configuration.

Rate this question:
36.

A common root user account has been configured for a group of ESXi 6.x hosts.Which two steps should be taken to mitigate security risks associated with this configuration? (Choosetwo.)
- A.
  
  Remove the root user account from the ESXi host.
- B.
  
  Set a complex password for the root account and limit its use.
- C.
  
  Use ESXi Active Directory capabilities to assign users the administrator role.
- D.
  
  Use Lockdown mode to restrict root account access.
Correct Answer(s)
B. Set a complex password for the root account and limit its use.
C. Use ESXi Active Directory capabilities to assign users the administrator role.

Explanation
To mitigate security risks associated with a common root user account configured for a group of ESXi 6.x hosts, two steps should be taken. First, setting a complex password for the root account and limiting its use helps to enhance security by making it difficult for unauthorized users to gain access. Second, using ESXi Active Directory capabilities to assign users the administrator role allows for better control and management of user access, reducing the reliance on a single root account and distributing administrative privileges among authorized users.

Rate this question:
37.

Which two advanced features should be disabled for virtual machines that are only hosted on a vSpheresystem? (Choose two.)
- A.
  
  Isolation.tools.unity.push.update.disable
- B.
  
  Isolation.tools.ghi.launchmenu.change
- C.
  
  Isolation.tools.bbs.disable
- D.
  
  Isolation.tools.hgfsServerSet.enable
Correct Answer(s)
A. Isolation.tools.unity.push.update.disable
B. Isolation.tools.ghi.launchmenu.change

Explanation
The two advanced features that should be disabled for virtual machines hosted on a vSphere system are "isolation.tools.unity.push.update.disable" and "isolation.tools.ghi.launchmenu.change". These features are related to Unity integration and Guest Host Interaction (GHI) respectively. Disabling these features ensures that the virtual machines are isolated and do not have access to the host system's Unity interface or the ability to change the launch menu.

Rate this question:
38.

To reduce the attack vectors for a virtual machine, which two settings should an administrator set tofalse? (Choose two.)
- A.
  
  IdeX:Y.present
- B.
  
  Serial.present
- C.
  
  IdeX:Y.enabled
- D.
  
  Serial.enabled
Correct Answer(s)
A. IdeX:Y.present
B. Serial.present

Explanation
To reduce the attack vectors for a virtual machine, an administrator should set the "ideX:Y.present" and "serial.present" settings to false. By disabling these settings, the virtual machine will not have access to any IDE or serial ports, which can be potential entry points for attackers. Disabling these settings ensures that the virtual machine is more secure and less vulnerable to attacks through these vectors.

Rate this question:
39.

Which two groups of settings should be reviewed when attempting to increase the security of virtualmachines (VMs)? (Choose two.)
- A.
  
  Disable hardware devices
- B.
  
  Disable unexposed features
- C.
  
  Disable VMtools devices
- D.
  
  Disable VM Template features
Correct Answer(s)
A. Disable hardware devices
B. Disable unexposed features

Explanation
To increase the security of virtual machines (VMs), two groups of settings should be reviewed. First, disabling hardware devices is important as it prevents unauthorized access or tampering with the VMs through physical devices. By disabling hardware devices, only authorized personnel can access and control the VMs. Second, disabling unexposed features is crucial as it reduces the attack surface and minimizes the risk of vulnerabilities. Unexposed features may provide potential entry points for attackers, so disabling them ensures that only necessary and secure features are enabled on the VMs.

Rate this question:
40.

An administrator has been instructed to secure existing virtual machines in vCenter Server.Which two actions should the administrator take to secure these virtual machines? (Choose two.)
- A.
  
  Disable native remote management services
- B.
  
  Restrict Remote Console access
- C.
  
  Use Independent Non-Persistent virtual disks
- D.
  
  Prevent use of Independent Non-Persistent virtual disks
Correct Answer(s)
B. Restrict Remote Console access
D. Prevent use of Independent Non-Persistent virtual disks

Explanation
The administrator should restrict Remote Console access to secure the virtual machines. By limiting access to the console, unauthorized users will not be able to interact with the virtual machines directly. Additionally, the administrator should prevent the use of Independent Non-Persistent virtual disks. These disks do not retain any changes made to them, which can be a security risk as any malicious activity or data breach would not be saved. By preventing their use, the administrator can ensure that all changes made to the virtual machines are persistent and can be audited if necessary.

Rate this question:
41.

Which two statements are correct regarding vSphere certificates? (Choose two.)
- A.
  
  ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMware Certificate Authority (VMCA).
- B.
  
  ESXi host upgrades preserve the existing SSL certificate.
- C.
  
  ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.
- D.
  
  ESXi hosts have self-signed SSL certificates by default.
Correct Answer(s)
B. ESXi host upgrades preserve the existing SSL certificate.
C. ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.

Explanation
ESXi host upgrades preserve the existing SSL certificate because the upgrade process does not involve replacing or reissuing the SSL certificate. Instead, it maintains the existing certificate, ensuring continuity in secure communication.

ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install. This means that during the installation process, the ESXi hosts are issued SSL certificates by the VMware Certificate Authority, ensuring that the communication between the hosts and other components is secure.

Rate this question:
42.

Which two features are available for virtual machines configured with DirectPath I/O? (Choose two.)
- A.
  
  Fault Tolerance
- B.
  
  Suspend and Resume
- C.
  
  Virtual Symmetric Multi-Processing (vSMP)
- D.
  
  Virtual Non-Uniform Memory Access (vNUMA)
Correct Answer(s)
C. Virtual Symmetric Multi-Processing (vSMP)
D. Virtual Non-Uniform Memory Access (vNUMA)
43.

Which three connection types are supported between a remote site and vCloud Air? (Choose three.)
- A.
  
  Secure Internet Connectivity
- B.
  
  Private Connect
- C.
  
  Direct Connect
- D.
  
  Internet Connectivity
- E.
  
  Secure VPN
Correct Answer(s)
A. Secure Internet Connectivity
C. Direct Connect
E. Secure VPN

Explanation
The three connection types that are supported between a remote site and vCloud Air are Secure Internet Connectivity, Direct Connect, and Secure VPN. Secure Internet Connectivity allows for a secure connection between the remote site and vCloud Air over the internet. Direct Connect provides a dedicated, private network connection between the remote site and vCloud Air. Secure VPN establishes a secure virtual private network connection between the remote site and vCloud Air, ensuring the confidentiality and integrity of the data transmitted between the two.

Rate this question:
44.

Which two solutions require Physical Mode Raw Device Mapping (RDM)? (Choose two.)
- A.
  
  Direct access to the storage array device
- B.
  
  Virtual Machine Snapshots
- C.
  
  Hardware Acceleration
- D.
  
  Guest Clustering across ESXi hosts
Correct Answer(s)
A. Direct access to the storage array device
D. Guest Clustering across ESXi hosts

Explanation
Physical Mode Raw Device Mapping (RDM) is required for two solutions: direct access to the storage array device and guest clustering across ESXi hosts.

Direct access to the storage array device allows virtual machines to directly access the storage without going through the virtualization layer, which can be useful for certain applications or storage configurations.

Guest clustering across ESXi hosts requires RDM to provide shared access to the same storage device for multiple virtual machines in a cluster. This allows for high availability and failover capabilities within the cluster.

Rate this question:
45.

An administrator decides to change the root password for an ESXi 6.x host to comply with the company'ssecurity policies.What are two ways that this can be accomplished? (Choose two.)
- A.
  
  Use the Direct Console User Interface to change the password.
- B.
  
  Use the passwd command in the ESXi Shell.
- C.
  
  Use the password command in the ESXi Shell.
- D.
  
  Use the vSphere client to update local users.
Correct Answer(s)
A. Use the Direct Console User Interface to change the password.
B. Use the passwd command in the ESXi Shell.

Explanation
The Direct Console User Interface (DCUI) is a text-based interface that allows administrators to perform various tasks on an ESXi host, including changing the root password. This can be done by accessing the DCUI directly on the host and navigating through the settings to change the password.

The passwd command in the ESXi Shell is another way to change the root password. The ESXi Shell is a command-line interface that provides access to the underlying operating system of the host. By using the passwd command, administrators can change the root password directly from the shell.

Both methods mentioned provide ways to change the root password on an ESXi host to comply with the company's security policies.

Rate this question:

Vcp Data Center (2v0-621-mod-1-4)

Write text here

Which Advanced Setting should be created for the vCenter Server to change the expiration policy of thevpxuser password?

Which Platform Service Controller Password Policy determines the number of days a password can existbefore the user must change it?

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy andwants to define the time skew tolerance between a client and the domain controller clock.Which time measurement is used for the value?

An administrator is upgrading a vCenter Server Appliance and wants to ensure that all the prerequisitesare met.What action must be taken before upgrading the vCenter Server Appliance?

An administrator is able to manage an ESXi 6.x host connected to vCenter Server using the vSphere WebClient but is unable to connect to the host directly.Which action should the administrator take to correct this behavior?

Which password meets ESXi 6.x host password requirements?

An administrator connects to an ESXi 6.x host console in order to shutdown the host.Which option in the Direct Console User Interface would perform this task?

An administrator wants to clone a virtual machine using the vSphere Client.Which explains why the Clone option is missing?

What will occur if the .nvram file is deleted from a powered off virtual machine?

An administrator tries to connect the vSphere 5.5 Client to an ESXi 6.x host.What will happen when this takes place?

What is the minimum Virtual Hardware version required for vFlash Read Cache?

Strict Lockdown Mode has been enabled on an ESXi host.Which action should an administrator perform to allow ESXi Shell or SSH access for users withadministrator privileges?

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:-Minimum of 21 characters-Minimum of 2 wordsWhich advanced options must be set to allow this passphrase configuration to be used?

Which group in the vsphere.local domain will have administrator privileges for the VMware CertificateAuthority (VMCA)?

An administrator is performing a silent automatic update of VMware Tools on a Windows virtual machine.What syntax needs to be entered into the Advanced Options box?

Which two methods are recommended for managing the VMware Directory Service? (Choose two.)

What are two sample roles that are provided with vCenter Server by default? (Choose two.)

Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate CertificateAuthority (CA). The first two steps performed are:- Replace the Root Certificate- Replace Machine Certificates (Intermediate CA)Which two steps would need to be performed next? (Choose two.)

Which three options are available for ESXi Certificate Replacement? (Choose three.)

Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newlydeployed vCenter Server Appliance (VCSA).Which two actions will accomplish this? (Choose two.)

Which two vCenter Server services are migrated automatically as part of an upgrade from a DistributedvCenter Server running 5.x? (Choose two.)

Which three ports are used by the vSphere Web Client when connecting directly to an ESXi 6.x host?(Choose three.)

An administrator wants to allow users to login to the vSphere Web Client using the Use Windows sessionauthentication check box for faster authentication.Which three requirements must be met for this feature to be available and functional? (Choose three.)

An administrator notices that the time on an ESXi 6.x host is incorrect.Which two actions should the administrator take to correct this issue? (Choose two.)

An administrator is troubleshooting a virtual machine that has unexpectedly powered off.Which two logs should be used to troubleshoot the issue? (Choose two.)

What are two ways to view the DNS settings for an ESXi 6.x host? (Choose two.)

Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into theDirect Console User Interface (DCUI).Which two statements are true given this configuration? (Choose two.)

A common root user account has been configured for a group of ESXi 6.x hosts.Which two steps should be taken to mitigate security risks associated with this configuration? (Choosetwo.)

Which two advanced features should be disabled for virtual machines that are only hosted on a vSpheresystem? (Choose two.)

To reduce the attack vectors for a virtual machine, which two settings should an administrator set tofalse? (Choose two.)

Which two groups of settings should be reviewed when attempting to increase the security of virtualmachines (VMs)? (Choose two.)

An administrator has been instructed to secure existing virtual machines in vCenter Server.Which two actions should the administrator take to secure these virtual machines? (Choose two.)

Which two statements are correct regarding vSphere certificates? (Choose two.)

Which two features are available for virtual machines configured with DirectPath I/O? (Choose two.)

Which three connection types are supported between a remote site and vCloud Air? (Choose three.)

Which two solutions require Physical Mode Raw Device Mapping (RDM)? (Choose two.)

An administrator decides to change the root password for an ESXi 6.x host to comply with the company'ssecurity policies.What are two ways that this can be accomplished? (Choose two.)