2. vSphere 6 Professional Certification Exam

1

Which two methods are recommended for managing the VMware Directory Service? (Choose two.)

1

What are two sample roles that are provided with vCenter Server by default? (Choose two.)

1

Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)

1

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:
- Replace the Root Certificate
- Replace Machine Certificates (Intermediate CA)
Which two steps would need to be performed next? (Choose two.)

1

Which three options are available for ESXi Certificate Replacement? (Choose three.)

1

Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).
Which two statements are true given this configuration? (Choose two.)

1

Strict Lockdown Mode has been enabled on an ESXi host.
Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?

1

A common root user account has been configured for a group of ESXi 6.x hosts.
Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)

1

An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups.
The AD domain group ESX Admins is planned for administrative access to the host.
Which two conditions should be considered when planning this configuration? (Choose two.)

1

Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)

1

To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)

1

Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)

1

Which password meets ESXi 6.x host password requirements?

1

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:
-Minimum of 21 characters
-Minimum of 2 words
Which advanced options must be set to allow this passphrase configuration to be used?

1

Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?

1

An administrator has been instructed to secure existing virtual machines in vCenter Server.
Which two actions should the administrator take to secure these virtual machines? (Choose two.)

1

An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
To prevent this in the future, which advanced parameter should be applied to the virtual machines?

1

Which two statements are correct regarding vSphere certificates? (Choose two.)

1

Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

1

When attempting to log in with the vSphere Web Client, users have reported the error:
Incorrect Username/Password
The administrator has configured the Platform Services Controller Identity Source as:
- Type. Active Directory as an LDAP Server
- Domain: vmware.com
- Alias: VMWARE
- Default Domain: Yes
Which two statements would explain why users cannot login to the vSphere Web Client? (Choose two.)

1

Which group in the vsphere.local domain will have administrator privileges for the VMware Certificate Authority (VMCA)?

1

Which Platform Service Controller Password Policy determines the number of days a password can exist before the user must change it?

1

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client
and the domain controller clock.
Which time measurement is used for the value?

1

Which VMware Single Sign-On component issues Security Assertion Markup Language (SAML) tokens?

1

Which two are valid Identity Sources when configuring vCenter Single Sign-On? (Choose two.)

1

An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newly deployed vCenter Server Appliance (VCSA).
Which two actions will accomplish this? (Choose two.)

1

An administrator wants to reduce the memory overhead for a 3D graphics enabled virtual machine (VM).
What advanced feature can be added to the VM configuration file to reduce memory overhead?

1

An administrator is building a large virtual machine that will require as many vCPUs as the host can support.
An ESXi 6.x host has these specifications:
- Six 32-core Intel Xeon Processors
- 256 GB of Memory
- 512 GB Local disk space using VMFS5
What is the maximum number of virtual CPUs that the virtual machine can be allocated?

1

Which two features are available for virtual machines configured with DirectPath I/O? (Choose two.)

1

An administrator is creating a new Content Library. It will subscribe to another remote Content Library without authentication enabled.
What information from the published library will they need in order to complete the subscription?

Intermediate vSphere 6 Certification Test sobre 2. vSphere 6 Professional Certification Exam, creado por Aric Hansen el 17/02/2016.

2. vSphere 6 Professional Certification Exam

Which two methods are recommended for managing the VMware Directory Service? (Choose two.)

What are two sample roles that are provided with vCenter Server by default? (Choose two.)

Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are: - Replace the Root Certificate - Replace Machine Certificates (Intermediate CA) Which two steps would need to be performed next? (Choose two.)

Which three options are available for ESXi Certificate Replacement? (Choose three.)

Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI). Which two statements are true given this configuration? (Choose two.)

Strict Lockdown Mode has been enabled on an ESXi host. Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?

A common root user account has been configured for a group of ESXi 6.x hosts. Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)

An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned for administrative access to the host. Which two conditions should be considered when planning this configuration? (Choose two.)

Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)

To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)

Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)

Which password meets ESXi 6.x host password requirements?

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics: -Minimum of 21 characters -Minimum of 2 words Which advanced options must be set to allow this passphrase configuration to be used?

Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?

An administrator has been instructed to secure existing virtual machines in vCenter Server. Which two actions should the administrator take to secure these virtual machines? (Choose two.)

An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files. To prevent this in the future, which advanced parameter should be applied to the virtual machines?

Which two statements are correct regarding vSphere certificates? (Choose two.)

Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:
- Replace the Root Certificate
- Replace Machine Certificates (Intermediate CA)
Which two steps would need to be performed next? (Choose two.)

Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).
Which two statements are true given this configuration? (Choose two.)

Strict Lockdown Mode has been enabled on an ESXi host.
Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?

A common root user account has been configured for a group of ESXi 6.x hosts.
Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)

An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups.
The AD domain group ESX Admins is planned for administrative access to the host.
Which two conditions should be considered when planning this configuration? (Choose two.)

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:
-Minimum of 21 characters
-Minimum of 2 words
Which advanced options must be set to allow this passphrase configuration to be used?

An administrator has been instructed to secure existing virtual machines in vCenter Server.
Which two actions should the administrator take to secure these virtual machines? (Choose two.)

An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
To prevent this in the future, which advanced parameter should be applied to the virtual machines?

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client
and the domain controller clock.
Which time measurement is used for the value?

An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newly deployed vCenter Server Appliance (VCSA).
Which two actions will accomplish this? (Choose two.)

An administrator wants to reduce the memory overhead for a 3D graphics enabled virtual machine (VM).
What advanced feature can be added to the VM configuration file to reduce memory overhead?

An administrator is creating a new Content Library. It will subscribe to another remote Content Library without authentication enabled.
What information from the published library will they need in order to complete the subscription?