[May 2018] Lead2pass 100% Valid 2V0-621D Exam Questions PDF Free Download 256q

Lead2pass 2018 100% Real 2V0-621D Exam Questions:

https://www.lead2pass.com/2v0-621d.html

QUESTION 21
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)

A.    ideX:Y.present
B.    serial.present
C.    ideX:Y.enabled
D.    serial.enabled

Answer: AB
Reference: http://jackiechen.org/2012/10/05/vsphere-5-0-security-hardening-recommended-vm-settings-configure-script/

QUESTION 22
Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)

A.    Disable hardware devices
B.    Disable unexposed features
C.    Disable VMtools devices
D.    Disable VM Template features

Answer: AB
Explanation:
Make sure you review hardware devices and disable the unnecessary ones. Also disable unexposed features before increasing virtual machines security.

QUESTION 23
Which password meets ESXi 6.x host password requirements?

A.    8kMVnn2x!
B.    zNgtnJBA2
C.    Nvgt34kn44
D.    !b74wr

Answer: A
Explanation:
A valid password requires a mix of upper and lower case letters, digits, and other characters. You can use a 7-character long password with characters from at least three of these four classes, or a 6-character long password containing characters from all the classes. A password that begins with an upper case letter and ends with a numerical digit does not count towards the number of character classes used. It is recommended that the password does not contain the username.
A passphrase requires at least 3 words, can be 8 to 40 characters long, and must contain enough different characters.
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012033

QUESTION 24
An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:

– Minimum of 21 characters
– Minimum of 2 words

Which advanced options must be set to allow this passphrase configuration to be used?

A.    retry=3 min=disabled, disabled, 7, 21, 7 passphrase=2
B.    retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2
C.    retry=3 min=disabled, disabled, 2, 21, 7
D.    retry=3 min=disabled, disabled, 21, 21, 2

Answer: B
Explanation:
To force a specific password complexity and disable all others, replace the number with the word with disabled. For example, to force passwords containing characters from all four-character classes: password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min= disabled,disabled,disabled,disabled,7
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012033

QUESTION 25
Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?

A.    VimPasswordExpirationInDays
B.    VimExpirationPasswordDays
C.    VimPassExpirationInDays
D.    VimPasswordRefreshDays

Answer: A
Explanation:
vCenter Server creates the vpxuser account on each ESX/ESXi host that it manages. The password for each vpxuser account is auto-generated when an ESX/ESXi host is added. The password is updated by default every 30 days.
To modify default password settings:
Connect vSphere Client to vCenter Server.
Click Administration > vCenter Server Settings > Advanced Settings. Scroll to the parameter VirtualCenter.VimPasswordExpirationInDays and change the value from the default.
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1016736

QUESTION 26
An administrator has been instructed to secure existing virtual machines in vCenter Server.
Which two actions should the administrator take to secure these virtual machines? (Choose two.)

A.    Disable native remote management services
B.    Restrict Remote Console access
C.    Use Independent Non-Persistent virtual disks
D.    Prevent use of Independent Non-Persistent virtual disks

Answer: BD
Reference: http://www.vmware.com/files/pdf/techpaper/VMW-TWP-vSPHR-SECRTY-HRDNG-USLET-101-WEB-1.pdf (page 11, see the tables)

QUESTION 27
An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
To prevent this in the future, which advanced parameter should be applied to the virtual machines?

A.    isolation.tools.setinfo.disable = true
B.    isolation.tools.setinfo.enable = true
C.    isolation.tools.setinfo.disable = false
D.    isolation.tools.setinfo.enable = false

Answer: A
Explanation:
It is configured on a per-VM basis. You can increase the guest operating system variable memory limit if large amounts of custom information are being stored in the configuration file. You can also prevent guests from writing any name-value pairs to the configuration file. To do so, use the following setting, and set it to ‘true’.

QUESTION 28
Which two statements are correct regarding vSphere certificates? (Choose two.)

A.    ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMware Certificate Authority (VMCA).
B.    ESXi host upgrades preserve the existing SSL certificate.
C.    ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.
D.    ESXi hosts have self-signed SSL certificates by default.

Answer: BC
Explanation:
Of course, ESXi host upgrades preserve existing SSL certificate and it also have assigned SSL certificates from VMCA during the installation process.

QUESTION 29
Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

A.    Replace with Certificates signed by the VMware Certificate Authority.
B.    Make VMware Certificate Authority an Intermediate Certificate Authority.
C.    Do not use VMware Certificate Authority, provision your own Certificates.
D.    Use SSL Thumbprint mode.
E.    Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.

Answer: ABC
Explanation:
There are three options for replace vCenter server security certificates. You can replace it with certificates signed by VMware certificate authority; you can make the VMCA an intermediate certificate authority. Likewise, you can provision your own certificates.

QUESTION 30
When attempting to log in with the vSphere Web Client, users have reported the error:

Incorrect Username/Password

The administrator has configured the Platform Services Controller Identity Source as:

– Type. Active Directory as an LDAP Server
– Domain: vmware.com
– Alias: VMWARE
– Default Domain: Yes

Which two statements would explain why users cannot login to the vSphere Web Client? (Choose two.)

A.    Users are typing the password incorrectly.
B.    Users are in a forest that has 1-way trust.
C.    Users are in a forest that has 2-way trust.
D.    Users are logging into vCenter Server with incorrect permissions.

Answer: AB
Explanation:
The possible explanation for this error might be that the users are typing password incorrectly or they are in a forest with has only 1-way trust. You need 2-way trust to get the credentials accepted.

2V0-621D dumps full version (PDF&VCE): https://www.lead2pass.com/2v0-621d.html

Large amount of free 2V0-621D exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDa2xCVTdHZXoxYjA

[March 2018] New Lead2pass VMware 2V0-621D New Questions Free Download 256q

New Released Exam 2V0-621D PDF Free From the Lead2pass:

https://www.lead2pass.com/2v0-621d.html

QUESTION 11
Which two methods are recommended for managing the VMware Directory Service? (Choose two.)

A.    Utilize the vmdir command.
B.    Manage through the vSphere Web Client.
C.    Manage using the VMware Directory Service.
D.    Utilize the dc rep command.

Answer: AB
Explanation:
To manage VMware directory service, you can use vmdir command and vsphere web client. VMware directory service is always managed using vmdir command which is specifically used for directory services.

QUESTION 12
What are two sample roles that are provided with vCenter Server by default? (Choose two.)

A.    Virtual machine User
B.    Network Administrator
C.    Content Library Administrator
D.    Storage Administrator

Answer: AB
Reference:
https://books.google.com.pk/books?id=35TE4cSycNAC&pg=PA97&lpg=PA97&dq=sample+roles+that+are+provided+with+vCenter+Server+by+default&source=bl&ots=ggd5VKGky5 &sig=-lc0Juby-tkvddWsrG_zHgEDTQY&hl=en&sa=X&ved=0CDcQ6AEwBWoVChMIlZH2x8WExgIVxDoUCh2N1AC2#v=onepage&q=sample%20roles%20that%20are%20provided%20with%20vCenter%20Server%20by%20default&f=false

QUESTION 13
Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)

A.    CIM Server
B.    Single Sign-On
C.    Direct Console UI
D.    Syslog Server
E.    vSphere Web Access

Answer: ACD

QUESTION 14
An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:

– Replace the Root Certificate
– Replace Machine Certificates (Intermediate CA)

Which two steps would need to be performed next? (Choose two.)

A.    Replace Solution User Certificates (Intermediate CA)
B.    Replace the VMware Directory Service Certificate (Intermediate CA)
C.    Replace the VMware Directory Service Certificate
D.    Replace Solution User Certificates

Answer: AC
Explanation:
You can replace the VMCA root certificate with a third-party CA-signed certificate that includes VMCA in the certificate chain. Going forward, all certificates that VMCA generates include the full chain. You can replace existing certificates with newly generated certificates. This approach combines the security of third-party CA-signed certificate with the convenience of automated certificate management.
Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-5BB38D479AE0.html

QUESTION 15
Which three options are available for ESXi Certificate Replacement? (Choose three.)

A.    VMware Certificate Authority mode
B.    Custom Certificate Authority mode
C.    Thumbprint mode
D.    Hybrid Deployment
E.    VMware Certificate Endpoint Authority Mode

Answer: ABC
Explanation:
You can perform different types of certificate replacement depending on company policy and requirements for the system that you are configuring. You can perform each replacement with the vSphere Certificate Manager utility or manually by using the CLIs included with your installation.
VMCA is included in each Platform Services Controller and in each embedded deployment. VMCA provisions each node, each vCenter Server solution user, and each ESXi host with a certificate that is signed by VMCA as the certificate authority. vCenter Server solution users are groups of vCenter Server services. See vSphere Security for a list of solution users.
You can replace the default certificates. For vCenter Server components, you can use a set of command-line tools included in your installation. You have several options.
Reference: http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-4469A6D3-048A-471C-9CB4-518A15EA2AC0.html

QUESTION 16
Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).
Which two statements are true given this configuration? (Choose two.)

A.    A user granted administrative privileges in the Exception User list can login.
B.    A user defined in the DCUI.Access without administrative privileges can login.
C.    A user defined in the ESXi Admins domain group can login.
D.    A user set to the vCenter Administrator role can login.

Answer: AB
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-46DF-9319-F8991839D265.html

QUESTION 17
Strict Lockdown Mode has been enabled on an ESXi host.
Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?

A.    Grant the users the administrator role and enable the service.
B.    Add the users to Exception Users and enable the service.
C.    No action can be taken, Strict Lockdown Mode prevents direct access.
D.    Add the users to vsphere.local and enable the service.

Answer: B
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-F8F105F7-CF93-46DF-9319-F8991839D265.html

QUESTION 18
A common root user account has been configured for a group of ESXi 6.x hosts.
Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)

A.    Remove the root user account from the ESXi host.
B.    Set a complex password for the root account and limit its use.
C.    Use ESXi Active Directory capabilities to assign users the administrator role.
D.    Use Lockdown mode to restrict root account access.

Answer: BC
Explanation:
To address the security risks, you need to set a complex password for the root account and make sure only authorized personnel use it. The second step is to use ESXi active directory to assign the administrator role to users.

QUESTION 19
An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned for administrative access to the host.
Which two conditions should be considered when planning this configuration? (Choose two.)

A.    If administrative access for ESX Admins is not required, this setting can be altered.
B.    The users in ESX Admins are not restricted by Lockdown Mode.
C.    An ESXi host provisioned with Auto Deploy cannot store AD credentials.
D.    The users in ESX Admins are granted administrative privileges in vCenter Server.

Answer: AC
Explanation:
The setting can be altered if administrative access for ESX admins is not required. The second rule is that the ESX admins users should not be restricted by Lockdown mode.

QUESTION 20
Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)

A.    isolation.tools.unity.push.update.disable
B.    isolation.tools.ghi.launchmenu.change
C.    isolation.tools.bbs.disable
D.    isolation.tools.hgfsServerSet.enable

Answer: AB
Explanation:
Because VMware virtual machines run in many VMware products in addition to vSphere, some virtual machine parameters do not apply in a vSphere environment. Although these features do not appear in vSphere user interfaces, disabling them reduces the number of vectors through which a guest operating system could access a host. Use the following .vmx setting to disable these features:
isolation.tools.unity.push.update.disable = “TRUE” isolation.tools.ghi.l”unch”enu.change = “TRUE” isolation.tools.ghi.a”tolo”on.disable = “TRUE” isolation.tools.hgfsS”rver”et.disable = “TRUE” isolation.tools.memSc”edFa”eSampleStats.disable = “TRUE” isolation.tools.getCr”ds.d”sable = “TRUE”
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vmtools.install.doc%2FGUID-685722FA-9009-439C-9142-18A9E7C592EA.html

2V0-621D dumps full version (PDF&VCE): https://www.lead2pass.com/2v0-621d.html

Large amount of free 2V0-621D exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDa2xCVTdHZXoxYjA

[January 2018] Easily Pass 2V0-621D Exam By Training Lead2pass Latest VCE Dumps 256q

Easily Pass 2V0-621D Exam By Training Lead2pass New VMware VCE Dumps:

https://www.lead2pass.com/2v0-621d.html

QUESTION 1
An administrator wants to provide users restricted access.
The users should only be able to perform the following tasks:

– Create and consolidate virtual machine snapshots
– Add/Remove virtual disks
– Snapshot Management

Which default role in vCenter Server would meet the administrator’s requirements for the users?

A.    Virtual machine user
B.    Virtual machine power user
C.    Virtual Datacenter administrator
D.    VMware Consolidated Backup user Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (71-80)

I was very confused about selecting the best practice test website when preparing for my 2V0-621D certification exam. Luckily, a friend told me about Lead2pass.com. I passed the 2V0-621D exam from the first try. Excellent website for free exam dumps!

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 71
An administrator is having a problem configuring Storage I/O Control on a Datastore.
Which two conditions could explain the issue? (Choose two.)

A.    A host is running ESXi 4.0.
B.    An ESXi host does not have appropriate licensing.
C.    The vCenter Server version is 5.0.
D.    The vCenter Server License is Standard. Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (61-70)

Thank you so much Lead2pass. You helped me passing my 2V0-621D exam easily, 90% of the exam questions from the dump appeared in my exam.

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 61
An administrator created a six node Virtual SAN cluster, created a fault domain, and moved three of the six nodes into that domain.
A node that is a member of the fault domain fails.
What is the expected result?

A.    The remaining two fault domain members are treated as failed.
B.    The remaining two fault domain members stay protected by the domain.
C.    One of the non-member nodes will be automatically added to the fault domain.
D.    VMware High Availability will restart virtual machines on remaining nodes in the domain. Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (51-60)

We Lead2pass.com are providing 2V0-621D exam braindumps here in both PDF file and Online Practice Test Formats. The 2V0-621D dumps are updated time to time having all the questions answers which cover complete course outlines of the 2V0-621D certification exam.

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 51
Which two features are deprecated in Network I/O Control 3 (NIOC3)? (Choose two.)

A.    Class Of Service (COS) Tagging
B.    Bandwidth Allocation
C.    User-defined network resource pools
D.    Admission control

Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (41-50)

Lead2pass.com providing 100% 2V0-621D exam passing guarantee with real exam questions. We are providing here outstanding braindumps for your 2V0-621D exam. With the Help of our exam dumps you can get more than 95%.

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 41
An administrator is assigning a user the Content Library administrator role. The user will only be creating the library for a single vCenter Server.
What is the lowest level of the permission heirarchy that this role can be granted to the user and still allow them to create a Content Library?

A.    Global
B.    Datacenter Folder
C.    Virtual Center
D.    Datacenter Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (31-40)

Lead2pass.com providing 100% 2V0-621D exam passing guarantee with real exam questions. We are providing here outstanding braindumps for your 2V0-621D exam. With the Help of our exam dumps you can get more than 95%.

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 31
Which group in the vsphere.local domain will have administrator privileges for the VMware Certificate Authority (VMCA)?

A.    SolutionUsers
B.    CAAdmins
C.    DCAAdmins
D.    SystemConfiguration.Administrators

Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (21-30)

If you are worried about your 2V0-621D exam and you are not prepared so, now you don’t need to take any stress about it. Get most updated 2V0-621D braindumps with 100% accurate answers. Lead2pass.com is considered one of the best website where you can save extra money by getting 150-days of free updates after buying the 2V0-621D dumps practice exam.

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 21
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)

A.    ideX:Y.present
B.    serial.present
C.    ideX:Y.enabled
D.    serial.enabled

Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (11-20)

I have studied the 2V0-621D study guide and all questions were very authentic. I passed my 2V0-621D exam with good grades. I am very happy now. I will definitely back for more exams dumps. I settled well in my career with the help of Lead2pass.com. Thank also guys Hurry!!!!

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 11
Which two methods are recommended for managing the VMware Directory Service? (Choose two.)

A.    Utilize the vmdir command.
B.    Manage through the vSphere Web Client.
C.    Manage using the VMware Directory Service.
D.    Utilize the dc rep command.

Continue reading

[Lead2pass New] VMware 2V0-621D Latest Dumps Free Download From Lead2pass (1-10)

If you are worried about your 2V0-621D exam and you are not prepared so, now you don’t need to take any stress about it. Get most updated 2V0-621D braindumps with 100% accurate answers. Lead2pass.com is considered one of the best website where you can save extra money by getting 150-days of free updates after buying the 2V0-621D dumps practice exam.

Following questions and answers are all new published by VMware Official Exam Center: https://www.lead2pass.com/2v0-621d.html

QUESTION 1
An administrator wants to provide users restricted access.
The users should only be able to perform the following tasks:

– Create and consolidate virtual machine snapshots
– Add/Remove virtual disks
– Snapshot Management

Which default role in vCenter Server would meet the administrator’s requirements for the users?

A.    Virtual machine user
B.    Virtual machine power user
C.    Virtual Datacenter administrator
D.    VMware Consolidated Backup user

Continue reading