1.) You are preparing to import certificates for your vSphere environment. Which of the following is not a requirement?
A.) x509 Version 3
B.) PKCS8 and PKCS1 PEM format
C.) Digital signature and key encipherment keys
D.) 1024- to 16,384-bit keys
2.) You are making plans for ESXi host certificates. Which of the following is not a valid certificate mode?
A.) VMware Endpoint Certificate Store Mode
B.) VMware Certificate Authority Mode
C.) Custom Certificate Authority Mode
D.) Thumbprint Mode
3.) You are preparing to apply permissions in vCenter Server. Which of the following is a system role?
A.) Read-only
B.) Virtual machine user
C.) Datastore consumer
D.) Content library administrator
4.) You are configuring permissions in vCenter Server. Which privilege is required for a user to use Storage vMotion to migrate a virtual machine?
A.) Resource.Migrate Powered On Virtual Machine
B.) Resource.Migrate Powered Off Virtual Machine
C.) Resource.Assign Virtual Machine to Resource Pool on the Cluster
D.) Resource.Assign Virtual Machine to Resource Pool on the VM Folder
5. You are hardening your ESXi hosts. Which of the following is true concerning normal lockdown mode?
A.) All users with administrator privileges on the host can access the DCUI.
B.) All users in the Exception Users list can access the DCUI.
C.) No one can access the DCUI.
D.) Users identified in the host’s DCUI.Access advanced option can access the DCUI.
6.) You are creating user accounts in the vCenter SSO domain. With default settings, which of the following is a valid password?
A.) VMware1!
B.) VMworld!
C.) VMwareR0cks
D.) VMwarerocks!!
7.) You are configuring IPsec on your ESXi hosts. Which of the following commands can you use to list the available security associations on an ESXi host?
A.) esxcli network ipsec sa list
B.) esxcli network ip ipsec sa list
C.) esxcli network ip ipsec list
D.) esxcli network ip sa list
8.) You want to migrate virtual machines across vCenter instances. Which of the following statements is true concerning vMotion migration across vCenter Server instances?
A.) For encrypted vMotion migration, you can use the vSphere Client.
B.) For encrypted vMotion migration, you must use the vSphere APIs.
C.) vMotion migration of encrypted virtual machines is not supported.
D.) Encrypted vMotion migration of non-encrypted virtual machines is not supported.
9.) You are hardening virtual machines in your vSphere 7 environment. Which of the following options can be set to TRUE to disable an unexposed feature?
A.) tools.guestlib.enableHostInfo
B.) tools.setInfo.sizeLimit
C.) vmx.log.keepOld
D.) isolation.tools.ghi.launchmenu.change
10.) You want to use microsegmentation to protect the applications and data in your vSphere environment. What should you implement?
A.) VMware AppDefense
B.) VMware NSX
C.) VMware vRealize Automation
D.) VMware vRealize Log Insight