[May 2018] Free Download 70-411 Exam Dumps VCE From Lead2pass 449q

Free Download Lead2pass Microsoft 70-411 VCE And PDF Dumps:

https://www.lead2pass.com/70-411.html

QUESTION 51
You have a server named Server 1.
You enable BitLocker Drive Encryption (BitLocker) on Server 1.
You need to change the password for the Trusted Platform Module (TPM) chip.
What should you run on Server1?

A.    Manage-bde.exe
B.    Set-TpmOwnerAuth
C.    bdehdcfg.exe
D.    tpmvscmgr.exe

Answer: B
Explanation:
The Set-TpmOwnerAuthcmdlet changes the current owner authorization value of the Trusted Platform Module (TPM) to a new value.
You can specify the current owner authorization value or specify a file that contains the current owner authorization value. If you do not specify an owner authorization value, the cmdlet attempts to read the value from the registry.
Use the ConvertTo-TpmOwnerAuthcmdlet to create an owner authorization value.
You can specify a new owner authorization value or specify a file that contains the new value.

QUESTION 52
Your company has a main office and two branch offices. The main office is located in Seattle.
The two branch offices are located in Montreal and Miami.
Each office is configured as an Active Directory site.
The network contains an Active Directory domain named contoso.com.
Network traffic is not routed between the Montreal office and the Miami office.
You implement a Distributed File System (DFS) namespace named \\contoso.com\public.
The namespace contains a folder named Folder1. Folder1 has a folder target in each office.
You need to configure DFS to ensure that users in the branch offices only receive referrals to the target in their respective office or to the target in the main office.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Set the Ordering method of \\contoso.com\public to Random order.
B.    Set the Advanced properties of the folder target in the Seattle office to Last among all targets.
C.    Set the Advanced properties of the folder target in the Seattle office to First among targets of equal cost.
D.    Set the Ordering method of \\contoso.com\public to Exclude targets outside of the client’s site.
E.    Set the Advanced properties of the folder target in the Seattle office to Last among targets of equal cost.
F.    Set the Ordering method of \\contoso.com\public to Lowest cost.

Answer: BD
Explanation:
If you want to prevent branch clients from failing over to a branch server at a different branch site, select the Exclude targets outside of the client site ordering method for each folder with targets, and then set target priority on each hub server’s folder target by selecting the Last among all targets target priority. The result of selecting these two options is as follows:
The Exclude targets outside of the client site setting ensures that only targets within the client’s site will be included in referrals.
The Last among all targets setting overrides the referral ordering method by including the hub server in the referral, even if the hub server is not in the client’s site. (If multiple hub servers are used as folder targets for a given folder, those hub servers will appear last in the referral and be sorted in order of lowest cost after the other targets.)
https://technet.microsoft.com/en-us/library/cc772778%28v=ws.10%29.aspx

QUESTION 53
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has the Network Policy Server server role installed. The domain contains a server named Server2 that is configured for RADIUS accounting.
Server1 is configured as a VPN server and is configured to forward authentication requests to Server2.
You need to ensure that only Server2 contains event information about authentication requests from connections to Server1.

Which two nodes should you configure from the Network Policy Server console?
To answer, select the appropriate two nodes in the answer area.

531

Answer:

532

Explanation:
In the properties of the Network Policy Server logging of rejected and successful authentication requests can be disabled: Using connection request policies can be defined, whether connection requests are processed locally or forwarded to a remote RADIUS server.

QUESTION 54
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy settings immediately.
The solution must minimize administrative effort.
Which tool should you use?

A.    Group Policy Object Editor
B.    The Secedit command
C.    Group Policy Management Console (GPMC)
D.    Active Directory Users and Computers

Answer: C
Explanation:
In the previous versions of Windows, this was accomplished by having the user run GPUpdate.exe on their computer.
Starting with Windows Server?2012 and Windows?8, you can now remotely refresh Group Policy settings for all computers in an OU from one central location through the Group Policy Management Console (GPMC). Or you can use the Invoke-GPUpdate cmdlet to refresh Group Policy for a set of computers, not limited to the OU structure, for example, if the computers are located in the default computers container.
Note: Group Policy Management Console (GPMC) is a scriptable Microsoft Management Console (MMC) snap-in, providing a single administrative tool for managing Group Policy across the enterprise. GPMC is the standard tool for managing Group Policy.
Incorrect:
Not B: Secedit configures and analyzes system security by comparing your current configuration to at least one template.
Reference: Force a Remote Group Policy Refresh (GPUpdate)

QUESTION 55
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 has the following BitLocker Drive Encryption (BitLocker) settings:

551

You need to ensure that drive D will unlock automatically when Server1 restarts. What command should you run?
To answer, select the appropriate options in the answer area.

552

Answer:

553
Explanation:
If BitLocker is enabled on the operating system drive, you can admit when you turn on BitLocker for an integrated data drive that the drive is automatically unlocked when the operating system drive is unlocked.
The available parameters are part of the cmdlet Add-BitLockerKeyProtector.
The parameter -ADAccountOrGroupProtector the encryption key can be added to a domain account as a protector.

QUESTION 56
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. All servers run Windows Server 2012 R2.
You need to collect the error events from all of the servers on Server1. The solution must ensure that when new servers are added to the domain, their error events are collected automatically on Server1.
Which two actions should you perform?
(Each correct answer presents part of the solution.
Choose two.)

A.    On Server1, create a collector initiated subscription.
B.    On Server1, create a source computer initiated subscription.
C.    From a Group Policy object (GPO), configure the Configure target Subscription Manager setting.
D.    From a Group Policy object (GPO), configure the Configure forwarder resource usage setting.

Answer: BC
Explanation:
To set up a Source-Initiated Subscription with Windows Server 2003/2008 so that events of interest from the Security event log of several domain controllers can be forwarded to an administrative workstation
* Group Policy
The forwarding computer needs to be configured with the address of the server to which the events are forwarded. This can be done with the following group policy setting:
Computer configuration-Administrative templates-Windows components-Event forwarding-
Configure the server address, refresh interval, and issue certificate authority of a target subscription manager.
* Edit the GPO and browse to Computer Configuration | Policies | Administrative Templates
| Windows Components | Event Forwarding – Configure the server address, refresh interval, and issuer certificate authority of a target Subscription Manager

QUESTION 57
Hotspot Question
Your company has two offices. The offices are located in Montreal and Seattle.
The network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2. Server1 is located in the Seattle office. Server2 is located in the Montreal office. Both servers run Windows Server 2012 R2 and have the Windows Server Update Services (WSUS) server role installed.
You need to configure Server2 to download updates that are approved on Server1 only.
What cmdlet should you run?
To answer, select the appropriate options in the answer area.

571

Answer:

572

Explanation:
With the cmdlet Set-WsusServerSynchronization can be determined whether a Windows Server Update Services (WSUS) server updates synchronized from Microsoft Update or from an upstream server.
The parameter -UssServerName server name indicates that you want to synchronize from the specified upstream server.
The Parameter -Replica configures the Windows Server Update Services (WSUS) for the replica mode.

QUESTION 58
You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has the File Server Resource Manager role service installed.
Each time a user receives an access-denied message after attempting to access a folder on Server1, an email notification is sent to a distribution list named DL1.
You create a folder named Folder1 on Server1, and then you configure custom NTFS permissions for Folder 1.
You need to ensure that when a user receives an access-denied message while attempting to access Folder1, an email notification is sent to a distribution list named DL2.
The solution must not prevent DL1 from receiving notifications about other access-denied messages.
What should you do?

A.    From File Explorer, modify the Classification tab of Folder1.
B.    From the File Server Resource Manager console, modify the Email Notifications settings.
C.    From the File Server Resource Manager console, set a folder management property.
D.    From File Explorer, modify the Customize tab of Folder1.

Answer: C
Explanation:
Since the is no SMB Share – Advanced option, the other option is to edit folder management properties.
https://social.technet.microsoft.com/Forums/office/en-US/dc0dc85c-467d-4d7a-a881-f513157e9331/please-help-me-about-this-question?forum=winservergen
Also check this:
“When using the email model each of the file shares, you can determine whether access requests to each file share will be received by the administrator, a distribution list that represents the file share owners, or both.
The owner distribution list is configured by using the SMB Share – Advanced file share profile in the New Share Wizard in Server Manager.
You can also use the File Server Resource Manager console to configure the owner distribution list by editing the management properties of the classification properties.”
https://technet.microsoft.com/en-us/library/jj574182.aspx#BKMK_12

70-411 dumps full version (PDF&VCE): https://www.lead2pass.com/70-411.html

Large amount of free 70-411 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDSmRhaVRWcW5Cc1k

You may also need:

70-410 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDcXAzcDVNOWI1blU

70-412 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDcDUzczlzc2N6RkU

70-413 exam dumps: https://drive.google.com/open?id=1b83z5KIZUL3VTF7QfvaVypTlHDaUnZIE

70-414 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDdzk4ajRnWG50TzA

[May 2018] Best Lead2pass Microsoft 70-410 PDF Dumps With New Update Exam Questions 512q

Download Free Microsoft 70-410 Exam Questions And Answers From Lead2pass:

https://www.lead2pass.com/70-410.html

QUESTION 71
Your company has a main office and two branch offices. The offices connect to each other by using a WAN link. In the main office, you have a server named Server1 that runs Windows Server 2012 R2. Server1 is configured to use an IPv4 address only.
You need to assign an IPv6 address to Server1. The IP address must be private and routable. Which IPv6 address should you assign to Server1?

A.    fe80:ab32:145c::32cc:401b
B.    ff00:3fff:65df:145c:dca8::82a4
C.    2001:ab32:145c::32cc:401b
D.    fd00:ab32:14:ad88:ac:58:abc2:4 Read More …

[May 2018] Lead2pass Exam Collection 70-347 Dumps And 70-347 New Questions 260q

Lead2pass Free 70-347 Exam Dumps With PDF And VCE Download:

https://www.lead2pass.com/70-347.html

QUESTION 61
Drag and Drop Question
You are the Office 365 administrator for your company.
The company has multiple Microsoft SharePoint Online sites that are shared with external users. Individual documents have also been shared from other Microsoft SharePoint Online sites.
The company recently ended collaboration with a vendor named Contoso, Ltd.
You need to revoke all sharing with external users who log in with contoso.com accounts without affecting sharing with other vendors.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Read More …

[May 2018] Lead2pass 70-346 Exam Questions Guarantee 70-346 Certification Exam 100% Success 276q

Lead2pass Free 70-346 Exam Questions Download 100% Pass 70-346 Exam:

https://www.lead2pass.com/70-346.html

QUESTION 51
Your company has a hybrid deployment of Office 365. All mailboxes are hosted on Office 365.
All users access their Office 365 mailbox by using a user account that is hosted on-premises.
You need to delete a user account and its associated mailbox.
Which tool should you use?

A.    The Remove-MSOLUser cmdlet
B.    The Remove-Mailbox cmdlet
C.    The Office 365 portal
D.    Active Directory Users and Computers Read More …

[May 2018] Free Share 70-345 PDF Dumps With Lead2pass Updated Exam Questions 143q

Free Share Lead2pass Microsoft 70-345 VCE Dumps With New Update Exam Questions:

https://www.lead2pass.com/70-345.html

QUESTION 31
You have an Exchange Server 2016 organization.
All users work from a main office and use Microsoft Outlook 2016.
You recently ran the Microsoft Office 365 Hybrid Configuration Wizard and moved most of the user mailboxes to Exchange Online. A network administrator reports an increase in the amount of outbound SMTP traffic from the network.
You need to reduce the amount of bandwidth utilization for the outbound SMTP traffic.
What should you do?

A.    From the Exchange Server organization, create a Receive connector that uses the IP address of Exchange Online as a remote range.
B.    From the public DNS zone, modify the MX record to point to Exchange Online.
C.    From the public DNS zone, modify the SRV record to point to Exchange Online.
D.    From the Exchange Server organization, create a Send connector that uses Exchange Online as an SMTP smart host. Read More …

[May 2018] Lead2pass Free 70-339 Exam Dumps With PDF And VCE Download 124q

Free Download 70-339 Exam Dumps VCE From Lead2pass:

https://www.lead2pass.com/70-339.html

QUESTION 31
You need to design a logical architecture for the procurement team site.
You implement durable links.
Does the solution meet the goal?

A.    Yes
B.    No Read More …

[May 2018] Download Free Microsoft 70-333 Exam Questions And Answers From Lead2pass 101q

Lead2pass Dumps For Exam 70-333 With New Updated Exam Questions:

https://www.lead2pass.com/70-333.html

QUESTION 31
You need to solve the Enterprise Voice issue experienced by Sydney users.
Which normalization rule should you use for mobile numbers?

A.    ^0[45]\((d8))$
B.    ^0([45]\d{6})$
C.    ^0[45]\d({8})$
D.    ^0([45]\d{8})$ Read More …

[May 2018] Free Share Of Lead2pass 2V0-751 VCE And PDF Dumps 115q

Free Sharing Of VMware 2V0-751 Brain Dumps From Lead2pass:

https://www.lead2pass.com/2v0-751.html

QUESTION 21
What are the two possible methods of disaster recovery for VMware Mirage endpoints? (Choose two.)

A.    Restore the recovery partition to a previous CVD snapshot on an existing device.
B.    Restore files or the entire desktop to a previous CVD snapshot on an existing device.
C.    Restore the hard drive of an existing or a replacement device.
D.    Restore the CVD snapshot to the primary and recover the files.

Answer: BC
Explanation:
https://www.vmware.com/pdf/mirage-administrators-guide-4.pdf (p.199)

QUESTION 22
Which are two custom setup options when installing VMware Horizon Agent on a master image? (Choose two.)

A.    Windows Media Multimedia Redirection
B.    USB Redirection
C.    VMware Horizon Instant Clone Agent
D.    Unity Touch

Answer: AB

QUESTION 23
What are three valid options for writable volumes? (Choose three.)

A.    Limit the attachment of users’ writables to specific computers.
B.    Attach volume on next login or reboot.
C.    Delay writable creation for group/OU members until they log in.
D.    Attach volume immediately.
E.    Prevent user login if the writable is in use on another computer.

Answer: ACE
Explanation:
http://pubs.vmware.com/appvolumes-210/index.jsp?topic=%2Fcom.vmware.appvolumes.user.doc%2FGUID-BF446318-00B8-4D3A-A7DE-AF21604FE3DB.html

QUESTION 24
One of the datastores containing a manual desktop pool is running out of disk space and an administrator adds a second datastore.
Which operation should the administrator perform to resolve the issue?

A.    Rebalance
B.    Recompose
C.    Storage vMotion
D.    Refresh

Answer: C

QUESTION 25
How many ESXi hosts may receive vSphere Desktop licenses if three 100-seat View Standard bundles are purchased?

A.    An unlimited number of ESXi hosts.
B.    Up to 150 dual-socket ESXi hosts.
C.    Up to three dual-socket ESXi hosts.
D.    None, Horizon Standard does not include vSphere Desktop licenses.

Answer: B

QUESTION 26
What are two valid Directory sync intervals in Identity Manager 2.x? (Choose two.)

A.    Once per month
B.    Once per week
C.    Every hour
D.    Every minute

Answer: BC

QUESTION 27
Which Database Server is supported for View Composer and for the Events Databases?

A.    Microsoft SQL Server 2008 SP4
B.    Oracle 11g Release 2
C.    Microsoft SQL Server 2014
D.    vPostgres Database

Answer: B
Explanation:
https://pubs.vmware.com/horizon-view-60/index.jsp?topic=%2Fcom.vmware.horizon-view.installation.doc%2FGUID-5B2266B8-EA3C-4F49-BABB-2D0B91DE6C1D.html

QUESTION 28
What is the minimum user accounts privilege requirement when installing App Volumes 2.x?

A.    Member of the Local Administrators group.
B.    Member of the Domain Users group.
C.    Member of the Domain Admins group.
D.    Member of the Local Power Users group.

Answer: A
Explanation:
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-app-volumes-deployment-considerations.pdf

QUESTION 29
During a new pool creation, an administrator notices that the virtual machines are stuck in the Provisioning state during cloning.
What is the most effective way to correct this issue?

A.    Delete the virtual machines and clone them again.
B.    Change the snapshot on the pool to a newly-created one.
C.    Disable the pool, save the changes, then enable the pool again.
D.    Use vdmadmin 璿 to delete the stuck virtual machines.

Answer: A

QUESTION 30
Which three configuration consoles are available in the VMware Identity Manager administrator? (Choose three.)

A.    Identity Manager Admin Console
B.    Connector Services Admin
C.    Policy Management Console
D.    Application Management Console
E.    Appliance Configurator

Answer: ABE
Explanation:
http://pubs.vmware.com/vidm-24/topic/com.vmware.ICbase/PDF/vidm-24-install.pdf

2V0-751 dumps full version (PDF&VCE): https://www.lead2pass.com/2v0-751.html

Large amount of free 2V0-751 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDdi1HTGFpR1N6MnM

[May 2018] Free Lead2pass 2V0-642 PDF Guarantee 100% Get 2V0-642 Certification 313q

Free Lead2pass VMware 2V0-642 PDF Dumps With New Update Exam Questions:

https://www.lead2pass.com/2v0-642.html

QUESTION 21
Which two statements are true regarding Layer 2 VPNs? (Choose two.)

A.    Layer 2 VPNs are used to securely extend Ethernet segments over an untrusted medium.
B.    The NSX Edge Service Gateway can form a Layer 2 VPN with a standards-compliant physical appliance.
C.    The Distributed Router can form a Layer 2 VPN to another Distributed Router or NSX Edge Service Gateway.
D.    Layer 2 VPNs require the two VPN endpoints be in the same Layer 2 segment.

Read More …

[May 2018] Easily Pass 2V0-622D Exam With Lead2pass New 2V0-622D VCE And PDF Dumps 168q

Easily Pass 2V0-622D Exam With Lead2pass New VMware 2V0-622D Brain Dumps:

https://www.lead2pass.com/2v0-622d.html

QUESTION 21
Which two encryption keys does the host use when encrypting virtual machine files? (Choose two.)

A.    Public Key Infrastructure Encryption Key (PKI)
B.    Master Encryption Key (MEK)
C.    Data Encryption Key (DEK)
D.    Key Encryption Key (KEK)

Read More …

[May 2018] Quickly Pass 2V0-622 Test With Lead2pass New 2V0-622 Brain Dumps 399q

Try Lead2pass Latest VMware 2V0-622 Dumps To Pass The Exam Successfully:

https://www.lead2pass.com/2v0-622.html

QUESTION 21
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)

A.    ideX:Y.present
B.    serial.present
C.    ideX:Y.enabled
D.    serial.enabled

Answer: AB

QUESTION 22
Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)

A.    Disable hardware devices
B.    Disable unexposed features
C.    Disable VMtools devices
D.    Disable VM Template features

Answer: AB

QUESTION 23
Which password meets ESXi 6.x host password requirements?

A.    8kMVnn2x!
B.    zNgtnJBA2
C.    Nvgt34kn44
D.    !b74wr

Answer: A

QUESTION 24
An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:

-Minimum of 21 characters
-Minimum of 2 words

Which advanced options must be set to allow this passphrase configuration to be used?

A.    retry=3 min=disabled, disabled, 7, 21, 7 passphrase=2
B.    retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2
C.    retry=3 min=disabled, disabled, 2, 21, 7
D.    retry=3 min=disabled, disabled, 21, 21, 2

Answer: B

QUESTION 25
Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?

A.    VimPasswordExpirationInDays
B.    VimExpirationPasswordDays
C.    VimPassExpirationInDays
D.    VimPasswordRefreshDays

Answer: A

QUESTION 26
An administrator has been instructed to secure existing virtual machines in vCenter Server.
Which two actions should the administrator take to secure these virtual machines? (Choose two.)

A.    Disable native remote management services
B.    Restrict Remote Console access
C.    Use Independent Non-Persistent virtual disks
D.    Prevent use of Independent Non-Persistent virtual disks

Answer: BD

QUESTION 27
An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
To prevent this in the future, which advanced parameter should be applied to the virtual machines?

A.    isolation.tools.setinfo.disable = true
B.    isolation.tools.setinfo.enable = true
C.    isolation.tools.setinfo.disable = false
D.    isolation.tools.setinfo.enable = false

Answer: A

QUESTION 28
Which two statements are correct regarding vSphere certificates? (Choose two.)

A.    ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMware Certificate Authority (VMCA).
B.    ESXi host upgrades preserve the existing SSL certificate.
C.    ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.
D.    ESXi hosts have self-signed SSL certificates by default.

Answer: BC

QUESTION 29
Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

A.    Replace with Certificates signed by the VMware Certificate Authority.
B.    Make VMware Certificate Authority an Intermediate Certificate Authority.
C.    Do not use VMware Certificate Authority, provision your own Certificates.
D.    Use SSL Thumbprint mode.
E.    Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.

Answer: ABC

QUESTION 30
When attempting to log in with the vSphere Web Client, users have reported the error:

Incorrect Username/Password

The administrator has configured the Platform Services Controller Identity Source as:

-Type. Active Directory as an LDAP Server
-Domain: vmware.com
-Alias: VMWARE
-Default Domain: Yes

Which two statements would explain why users cannot login to the vSphere Web Client? (Choose two.)

A.    Users are typing the password incorrectly.
B.    Users are in a forest that has 1-way trust.
C.    Users are in a forest that has 2-way trust.
D.    Users are logging into vCenter Server with incorrect permissions.

Answer: AB

2V0-622 dumps full version (PDF&VCE): https://www.lead2pass.com/2v0-622.html

Large amount of free 2V0-622 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDREhST1JQZXc0M0U

You may also need:

2V0-622D exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDTkkwTk43VTR2aGs

[May 2018] New Lead2pass VMware 2V0-621D New Questions Free Download 256q

New Released Exam 2V0-621D PDF Free From the Lead2pass:

https://www.lead2pass.com/2v0-621d.html

QUESTION 21
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)

A.    ideX:Y.present
B.    serial.present
C.    ideX:Y.enabled
D.    serial.enabled

Answer: AB
Reference: http://jackiechen.org/2012/10/05/vsphere-5-0-security-hardening-recommended-vm-settings-configure-script/

QUESTION 22
Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)

A.    Disable hardware devices
B.    Disable unexposed features
C.    Disable VMtools devices
D.    Disable VM Template features

Answer: AB
Explanation:
Make sure you review hardware devices and disable the unnecessary ones. Also disable unexposed features before increasing virtual machines security.

QUESTION 23
Which password meets ESXi 6.x host password requirements?

A.    8kMVnn2x!
B.    zNgtnJBA2
C.    Nvgt34kn44
D.    !b74wr

Answer: A
Explanation:
A valid password requires a mix of upper and lower case letters, digits, and other characters. You can use a 7-character long password with characters from at least three of these four classes, or a 6-character long password containing characters from all the classes. A password that begins with an upper case letter and ends with a numerical digit does not count towards the number of character classes used. It is recommended that the password does not contain the username.
A passphrase requires at least 3 words, can be 8 to 40 characters long, and must contain enough different characters.
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012033

QUESTION 24
An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:

– Minimum of 21 characters
– Minimum of 2 words

Which advanced options must be set to allow this passphrase configuration to be used?

A.    retry=3 min=disabled, disabled, 7, 21, 7 passphrase=2
B.    retry=3 min=disabled, disabled, 21, 7, 7 passphrase=2
C.    retry=3 min=disabled, disabled, 2, 21, 7
D.    retry=3 min=disabled, disabled, 21, 21, 2

Answer: B
Explanation:
To force a specific password complexity and disable all others, replace the number with the word with disabled. For example, to force passwords containing characters from all four-character classes: password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min= disabled,disabled,disabled,disabled,7
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012033

QUESTION 25
Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?

A.    VimPasswordExpirationInDays
B.    VimExpirationPasswordDays
C.    VimPassExpirationInDays
D.    VimPasswordRefreshDays

Answer: A
Explanation:
vCenter Server creates the vpxuser account on each ESX/ESXi host that it manages. The password for each vpxuser account is auto-generated when an ESX/ESXi host is added. The password is updated by default every 30 days.
To modify default password settings:
Connect vSphere Client to vCenter Server.
Click Administration > vCenter Server Settings > Advanced Settings. Scroll to the parameter VirtualCenter.VimPasswordExpirationInDays and change the value from the default.
Reference:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1016736

QUESTION 26
An administrator has been instructed to secure existing virtual machines in vCenter Server.
Which two actions should the administrator take to secure these virtual machines? (Choose two.)

A.    Disable native remote management services
B.    Restrict Remote Console access
C.    Use Independent Non-Persistent virtual disks
D.    Prevent use of Independent Non-Persistent virtual disks

Answer: BD
Reference: http://www.vmware.com/files/pdf/techpaper/VMW-TWP-vSPHR-SECRTY-HRDNG-USLET-101-WEB-1.pdf (page 11, see the tables)

QUESTION 27
An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
To prevent this in the future, which advanced parameter should be applied to the virtual machines?

A.    isolation.tools.setinfo.disable = true
B.    isolation.tools.setinfo.enable = true
C.    isolation.tools.setinfo.disable = false
D.    isolation.tools.setinfo.enable = false

Answer: A
Explanation:
It is configured on a per-VM basis. You can increase the guest operating system variable memory limit if large amounts of custom information are being stored in the configuration file. You can also prevent guests from writing any name-value pairs to the configuration file. To do so, use the following setting, and set it to ‘true’.

QUESTION 28
Which two statements are correct regarding vSphere certificates? (Choose two.)

A.    ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMware Certificate Authority (VMCA).
B.    ESXi host upgrades preserve the existing SSL certificate.
C.    ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.
D.    ESXi hosts have self-signed SSL certificates by default.

Answer: BC
Explanation:
Of course, ESXi host upgrades preserve existing SSL certificate and it also have assigned SSL certificates from VMCA during the installation process.

QUESTION 29
Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)

A.    Replace with Certificates signed by the VMware Certificate Authority.
B.    Make VMware Certificate Authority an Intermediate Certificate Authority.
C.    Do not use VMware Certificate Authority, provision your own Certificates.
D.    Use SSL Thumbprint mode.
E.    Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.

Answer: ABC
Explanation:
There are three options for replace vCenter server security certificates. You can replace it with certificates signed by VMware certificate authority; you can make the VMCA an intermediate certificate authority. Likewise, you can provision your own certificates.

QUESTION 30
When attempting to log in with the vSphere Web Client, users have reported the error:

Incorrect Username/Password

The administrator has configured the Platform Services Controller Identity Source as:

– Type. Active Directory as an LDAP Server
– Domain: vmware.com
– Alias: VMWARE
– Default Domain: Yes

Which two statements would explain why users cannot login to the vSphere Web Client? (Choose two.)

A.    Users are typing the password incorrectly.
B.    Users are in a forest that has 1-way trust.
C.    Users are in a forest that has 2-way trust.
D.    Users are logging into vCenter Server with incorrect permissions.

Answer: AB
Explanation:
The possible explanation for this error might be that the users are typing password incorrectly or they are in a forest with has only 1-way trust. You need 2-way trust to get the credentials accepted.

2V0-621D dumps full version (PDF&VCE): https://www.lead2pass.com/2v0-621d.html

Large amount of free 2V0-621D exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDa2xCVTdHZXoxYjA

Pages: 1 2 3 4 5 6 7 ... 157 158