[Free] 2018(May) EnsurePass Examcollection VMware 2V0-621D Dumps with VCE and PDF 11-20

Ensurepass.com : Ensure you pass the IT Exams
2018 May VMware Official New Released 2V0-621D
100% Free Download! 100% Pass Guaranteed!

VMware Certified Professional 6 – Data Center Virtualization Delta Beta Exam

Question No: 11 – (Topic 1)

Which two statements are correct regarding vSphere certificates? (Choose two.)

  1. ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMware Certificate Authority (VMCA).

  2. ESXi host upgrades preserve the existing SSL certificate.

  3. ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.

  4. ESXi hosts have self-signed SSL certificates by default.

Answer: B,C Explanation:

Of course, ESXi host upgrades preserve existing SSL certificate and it also have assigned SSL certificates from VMCA during the installation process.

Question No: 12 – (Topic 1)

Which group in the vsphere.local domain will have administrator privileges for the VMware Certificate Authority (VMCA)?

  1. SolutionUsers

  2. CAAdmins

  3. DCAAdmins

  4. SystemConfiguration.Administrators

Answer: B Explanation:

Members of the CAAdmins group have administrator privileges for VMCA. Adding members to these groups is not usually recommended.

Reference: https://pubs.vmware.com/vsphere- 60/index.jsp?topic=/com.vmware.vsphere.security.doc/GUID-87DA2F34-DCC9- 4DAB-8900-1BA35837D07E.html

Question No: 13 – (Topic 1)

An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newly deployed vCenter Server Appliance (VCSA).

Which two actions will accomplish this? (Choose two.)

  1. Use a Service Principal Name (SPN) to configure the Identity Source.

  2. Use a Domain administrator to configure the Identity Source.

  3. Join the VCSA to Active Directory and configure the Identity Source with a Machine Account.

  4. Create a computer account in Active Directory for the VCSA and configure the Identity Source.

Answer: A,C Explanation:

Using a machine account when configuring an Active Directory identity source for vCenter Server requires that the Windows system be joined to the domain. If the system is not joined to the domain, SSO cannot leverage the machine account to create the identity

source and perform its function as the secure token service user.

To resolve this issue in VCVA 5.5, use only the Use SPN option. Reference:



Question No: 14 – (Topic 1)

An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:

->Minimum of 21 characters

->Minimum of 2 words

Which advanced options must be set to allow this passphrase configuration to be used?

  1. retry=3 min=disabled, disabled, 7, 21, 7 passphrase=2

  2. retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2

  3. retry=3 min=disabled, disabled, 2, 21, 7

  4. retry=3 min=disabled, disabled, 21, 21, 2

Answer: B Explanation:

To force a specific password complexity and disable all others, replace the number with the word with disabled. For example, to force passwords containing characters from all four- character classes:

password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min= disabled,disabled,disabled,disabled,7

Reference: http://kb.vmware.com/selfservice/microsites/search.do?language=en_USamp;cmd=displayKC


Question No: 15 – (Topic 1)

In which two vsphere.local groups should an administrator avoid adding members? (Choose two.)

  1. SolutionUsers

  2. Administrators

  3. DCAdmins

  4. ExternalPDUsers

Answer: A,B Explanation:

The vsphere.local domain includes several predefined groups. Assign users to one of those groups to be able to perform the corresponding actions.

For all objects in the vCenter Server hierarchy, permissions are assigned by pairing a user and a role with the object. For example, you can select a resource pool and give a group of users read privileges to that resource pool by giving them the corresponding role.

For some services that are not managed by vCenter Server directly, privileges are determined by membership to one of the vCenter Single Sign-On groups. For example, a user who is a member of the Administrator group can manage vCenter Single Sign-On. A user who is a member of the CAAdmins group can manage the VMware Certificate Authority, and a user who is in the LicenseService.Administrators group can manage licenses.

Reference: https://pubs.vmware.com/vsphere- 60/index.jsp?topic=/com.vmware.vsphere.security.doc/GUID-87DA2F34-DCC9- 4DAB-8900-1BA35837D07E.html

Question No: 16 – (Topic 1)

An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client and the domain controller clock.

Which time measurement is used for the value?

  1. Milliseconds

  2. Seconds

  3. Minutes

  4. Hours

Answer: A Explanation:

The time skew tolerance between a client and the domain controller clock is measured in milliseconds.

Question No: 17 – (Topic 1)

An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.

To prevent this in the future, which advanced parameter should be applied to the virtual machines?

  1. isolation.tools.setinfo.disable = true

  2. isolation.tools.setinfo.enable = true

  3. isolation.tools.setinfo.disable = false

  4. isolation.tools.setinfo.enable = false

Answer: A Explanation:

It is configured on a per-VM basis. You can increase the guest operating system variable memory limit if large amounts of custom information are being stored in the configuration file. You can also prevent guests from writing any name-value pairs to the configuration file. To do so, use the following setting, and set it to ‘true’:

Question No: 18 – (Topic 1)

An administrator with global administrator privileges creates a custom role but fails to

assign any privileges to it.

Which two privileges would the custom role have? (Choose two.)

  1. System.View

  2. System.Anonymous

  3. System.User

  4. System.ReadOnly

Answer: A,B Explanation:

When you add a custom role and do not assign any privileges to it, the role is created as a Read Only role with three system-defined privileges: System.Anonymous, System.View, and System.Read.

Reference: https://pubs.vmware.com/vsphere- 51/index.jsp?topic=/com.vmware.vsphere.security.doc/GUID-93B962A7-93FA- 4E96-B68F-AE66D3D6C663.html

Question No: 19 – (Topic 1)

An administrator has configured three vCenter Servers and vRealize Orchestrator within a Platform Services Controller domain, and needs to grant a user privileges that span all environments.

Which statement best describes how the administrator would accomplish this?

  1. Assign a Global Permission to the user.

  2. Assign a vCenter Permission to the user.

  3. Assign vsphere.local membership to the user.

  4. Assign an ESXi Permission to the user.

Answer: A Explanation:

Global permissions are applied to a global root object that spans solutions, for example, both vCenter Server and vCenter Orchestrator. Use global permissions to give a user or

group privileges for all objects in all object hierarchies.

Reference: http://pubs.vmware.com/vsphere- 60/index.jsp?topic=/com.vmware.vsphere.security.doc/GUID-C7702E31-1623- 4189-89CB-E1136AA27972.html

Question No: 20 – (Topic 1)

Refer to the Exhibit.

Ensurepass 2018 PDF and VCE

An administrator is adding an Active Directory over LDAP Identity Source for vCenter Single Sign-On, as indicated in the Exhibit.

What is the correct value to configure for the Domain alias?

  1. The domain#39;s NetBIOS name.

  2. The fully qualified domain name.

  3. vsphere.local

  4. A user defined label.

Answer: A Explanation:

The domain alias is usually NetBIOS name, for example, acme.lab.

Reference: https://www.virten.net/2015/02/how-to-add-ad-authentication-in-vcenter-6-0- platform-service-controller/

100% Ensurepass Free Download!
Download Free Demo:2V0-621D Demo PDF
100% Ensurepass Free Guaranteed!
Download 2018 EnsurePass 2V0-621D Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No