2V0-621 | An administrator wants to configure an ESXi 6.x host…

Question: 18

An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned for administrative access to the host. Which two conditions should be considered when planning this configuration? (Choose two.)

A. If administrative access for ESX Admins is not required, this setting can be altered.
B. The users in ESX Admins are not restricted by Lockdown Mode.
C. An ESXi host provisioned with Auto Deploy cannot store AD credentials.
D. The users in ESX Admins are granted administrative privileges in vCenter Server.

Answer: A,C

2V0-621 | A common root user account has been configured…

Question: 17

A common root user account has been configured for a group of ESXi 6.x hosts. Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)

A. Remove the root user account from the ESXi host.
B. Set a complex password for the root account and limit its use.
C. Use ESXi Active Directory capabilities to assign users the administrator role.
D. Use Lockdown mode to restrict root account access.

Answer: B,C

2v0-621 | Strict Lockdown Mode has been enabled…

Question: 17

Strict Lockdown Mode has been enabled on an ESXi host. Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?

A. Grant the users the administrator role and enable the service.
B. Add the users to Exception Users and enable the service.
C. No action can be taken, Strict Lockdown Mode prevents direct access.
D. Add the users to vsphere.local and enable the service.

Answer: B

2v0-621 | An administrator would like to use…

Question: 14

An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:
Replace the Root Certificate
Replace Machine Certificates (Intermediate CA)
Which two steps would need to be performed next? (Choose two.)

A. Replace Solution User Certificates (Intermediate CA)
B. Replace the VMware Directory Service Certificate (Intermediate CA)
C. Replace the VMware Directory Service Certificate
D. Replace Solution User Certificates

Answer: A,C

2v0-621 | Lockdown Mode has been enabled….

Question: 12

Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI). Which two statements are true given this configuration? (Choose two.)

A. A user granted administrative privileges in the Exception User list can login.
B. A user defined in the DCUI.Access without administrative privileges can login.
C. A user defined in the ESXi Admins domain group can login.
D. A user set to the vCenter Administrator role can login.

Answer: A,B

Leave a Reply

Your email address will not be published. Required fields are marked *