This page was exported from Latest Lead2pass Dumps For Sharing [ https://www.ensurepass.net ] Export date:Sun Dec 22 18:28:59 2024 / +0000 GMT ___________________________________________________ Title: [March 2018] 2V0-621D New Questions Free Download In Lead2pass 256q --------------------------------------------------- 2V0-621D Exam Questions Free Download From Lead2pass: https://www.lead2pass.com/2v0-621d.html QUESTION 11Which two methods are recommended for managing the VMware Directory Service? (Choose two.) A.    Utilize the vmdir command.B.    Manage through the vSphere Web Client.C.    Manage using the VMware Directory Service.D.    Utilize the dc rep command.Answer: ABExplanation:To manage VMware directory service, you can use vmdir command and vsphere web client. VMware directory service is always managed using vmdir command which is specifically used for directory services. QUESTION 12What are two sample roles that are provided with vCenter Server by default? (Choose two.) A.    Virtual machine UserB.    Network AdministratorC.    Content Library AdministratorD.    Storage Administrator Answer: ABReference:https://books.google.com.pk/books?id=35TE4cSycNAC&pg=PA97&lpg=PA97&dq=sample+roles+that+are+provided+with+vCenter+Server+by+default&source=bl&ots=ggd5VKGky5 &sig=-lc0Juby-tkvddWsrG_zHgEDTQY&hl=en&sa=X&ved=0CDcQ6AEwBWoVChMIlZH2x8WExgIVxDoUCh2N1AC2#v=onepage&q=sample%20roles%20that%20are%20provided%20with%20vCenter%20Server%20by%20default&f=false QUESTION 13Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.) A.    CIM ServerB.    Single Sign-OnC.    Direct Console UID.    Syslog ServerE.    vSphere Web Access Answer: ACD QUESTION 14An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are: - Replace the Root Certificate- Replace Machine Certificates (Intermediate CA) Which two steps would need to be performed next? (Choose two.) A.    Replace Solution User Certificates (Intermediate CA)B.    Replace the VMware Directory Service Certificate (Intermediate CA)C.    Replace the VMware Directory Service CertificateD.    Replace Solution User Certificates Answer: ACExplanation:You can replace the VMCA root certificate with a third-party CA-signed certificate that includes VMCA in the certificate chain. Going forward, all certificates that VMCA generates include the full chain. You can replace existing certificates with newly generated certificates. This approach combines the security of third-party CA-signed certificate with the convenience of automated certificate management.Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-5BB38D479AE0.html QUESTION 15Which three options are available for ESXi Certificate Replacement? (Choose three.) A.    VMware Certificate Authority modeB.    Custom Certificate Authority modeC.    Thumbprint modeD.    Hybrid DeploymentE.    VMware Certificate Endpoint Authority Mode Answer: ABCExplanation:You can perform different types of certificate replacement depending on company policy and requirements for the system that you are configuring. You can perform each replacement with the vSphere Certificate Manager utility or manually by using the CLIs included with your installation.VMCA is included in each Platform Services Controller and in each embedded deployment. VMCA provisions each node, each vCenter Server solution user, and each ESXi host with a certificate that is signed by VMCA as the certificate authority. vCenter Server solution users are groups of vCenter Server services. See vSphere Security for a list of solution users.You can replace the default certificates. For vCenter Server components, you can use a set of command-line tools included in your installation. You have several options.Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-4469A6D3-048A-471C-9CB4-518A15EA2AC0.html QUESTION 16Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).Which two statements are true given this configuration? (Choose two.) A.    A user granted administrative privileges in the Exception User list can login.B.    A user defined in the DCUI.Access without administrative privileges can login.C.    A user defined in the ESXi Admins domain group can login.D.    A user set to the vCenter Administrator role can login. Answer: ABReference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-46DF-9319-F8991839D265.html QUESTION 17Strict Lockdown Mode has been enabled on an ESXi host.Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges? A.    Grant the users the administrator role and enable the service.B.    Add the users to Exception Users and enable the service.C.    No action can be taken, Strict Lockdown Mode prevents direct access.D.    Add the users to vsphere.local and enable the service. Answer: BReference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-46DF-9319-F8991839D265.html QUESTION 18A common root user account has been configured for a group of ESXi 6.x hosts.Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.) A.    Remove the root user account from the ESXi host.B.    Set a complex password for the root account and limit its use.C.    Use ESXi Active Directory capabilities to assign users the administrator role.D.    Use Lockdown mode to restrict root account access. Answer: BCExplanation:To address the security risks, you need to set a complex password for the root account and make sure only authorized personnel use it. The second step is to use ESXi active directory to assign the administrator role to users. QUESTION 19An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned for administrative access to the host.Which two conditions should be considered when planning this configuration? (Choose two.) A.    If administrative access for ESX Admins is not required, this setting can be altered.B.    The users in ESX Admins are not restricted by Lockdown Mode.C.    An ESXi host provisioned with Auto Deploy cannot store AD credentials.D.    The users in ESX Admins are granted administrative privileges in vCenter Server. Answer: ACExplanation:The setting can be altered if administrative access for ESX admins is not required. The second rule is that the ESX admins users should not be restricted by Lockdown mode. QUESTION 20Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.) A.    isolation.tools.unity.push.update.disableB.    isolation.tools.ghi.launchmenu.changeC.    isolation.tools.bbs.disableD.    isolation.tools.hgfsServerSet.enable Answer: ABExplanation:Because VMware virtual machines run in many VMware products in addition to vSphere, some virtual machine parameters do not apply in a vSphere environment. Although these features do not appear in vSphere user interfaces, disabling them reduces the number of vectors through which a guest operating system could access a host. Use the following .vmx setting to disable these features:isolation.tools.unity.push.update.disable = "TRUE" isolation.tools.ghi.l"unch"enu.change = "TRUE" isolation.tools.ghi.a"tolo"on.disable = "TRUE" isolation.tools.hgfsS"rver"et.disable = "TRUE" isolation.tools.memSc"edFa"eSampleStats.disable = "TRUE" isolation.tools.getCr"ds.d"sable = "TRUE"Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vmtools.install.doc%2FGUID-685722FA-9009-439C-9142-18A9E7C592EA.html 2V0-621D dumps full version (PDF&VCE): https://www.lead2pass.com/2v0-621d.html Large amount of free 2V0-621D exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDa2xCVTdHZXoxYjA --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2018-03-12 09:02:58 Post date GMT: 2018-03-12 09:02:58 Post modified date: 2018-03-12 09:02:58 Post modified date GMT: 2018-03-12 09:02:58 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com