Ch 3

Question 1

1. How many default system roles are available in vCenter?

A. 2
B. 3
C. 4
D. 5

Answer 1

B. There are three default system roles: Administrator, Read-Only, and No Access.

Question 2

2. In vCenter Server, which of the following items defines individual user rights?

A. Role
B. Permission
C. Privilege
D. None of these

Answer 2

C. A privilege defines individual user rights.

Question 3

3. In vCenter Server, a role is a collection of \_\_\_\_\_\_.
A. Roles
B. Permissions
C. Privileges
D. User rights

Answer 3

C. A role is a collectino of privileges.

Question 4

4. What is created by pairing a vCenter Server role with a user or group and then associating it with an object in the vCenter Server inventory?

A. Role
B. Permission
C. Privilege
D. User right

Answer 4

B. A permission is created by pairing a role with a user or group and associating it with an object in the vCenter Server inventory.

Question 5

5. In vCenter Server, which of the following statements are true about permission inheritance? (Choose two.)

A. Any permission defined directly on a child object will override permissions propagated from parent objects.
B. Any permission defined directly on a parent object will override permissions propagated from child objects.
C. Virtual machines do not inherit multiple permissions.
D. Virtual machines inherit multiple permissions.

Answer 5

A and D. Any permission defined on a child object will override permissions propagated from parent objects, and virtual machines inherit multiple permissions.

Question 6

6. Which of the following statements about the ESXi firewall is true?

A. The firewall is disabled by default and must be enabled using the vSphere Web Client.
B. The firewall is enabled by default and blocks all traffic by default, except for traffic for the default management services.
C. The firewall is enabled by default, allows all outbound traffic, and blocks all inbound traffic.
D. The firewall is disabled by default and must be enabled using the esxcli command.

Answer 6

B. The ESXi firewall is enabled by default and also blocks all traffic by default, except for default management services traffic.

Question 7

7. Which of the following is the VMware-recommended startup policy for ESXi services?

A. Start And Stop With Port Usage
B. Start And Stop With Host
C. Start And Stop Manually
D. VMware does not specifically recommend any single startup policy.

Answer 7

A. Start And Stop With Port Usage is the setting Vmware recommends.

Question 8

8. Operations performed against an ESXi host in lockdown mode can originate from which of the following?

A. vMA
B. vSphere Client connected directly to ESXi host
C. vCenter Server
D. vSphere CLI commands

Answer 8

C. All operations performed against an ESXi host in lockdown mode must originate from the vCenter Server that is managing the ESXi host. The exceptions are the ESXi Shell, SSH, or the Direct Console User Interface (DCUI) if these services are enabled on the ESXi host in lockdown mode.

Question 9

9. WHich of the following are valid reasons to join ESXi hosts to a directory service? (Choose all that apply.)

A. Allows vSphere Web Client access directly to ESXi host
B. Simplifies user management
C. Improved security for root account
D. Enables vCenter lockdown mode

Answer 9

B and C. Joining an ESXi host to a directory service simplifies user management and improves security by not having to share the root user account credentials.

Question 10

10. To export the list of local ESXi users to an HTML file, which of the following approaches could be used?

A. vSphere Client connected to a vCenter Server
B. vSphere Client connected to ESXi host
C. vSphere Web Client connected to a vCenter Server
D. vSphere Web Client connected to ESXi host

Answer 10

B. The list of local ESXi users and groups is accessible from the vSphere Client connected directly to the ESXi host. vCenter Server has no ability to view the local ESXi accounts, and the vSphere Web Client can only connect to vCenter Server.

Question 11

11. Which of the following is the preferred method to manage user permissions in vCenter Server?

A. Using Local Windows groups
B. Using Active Directory distribution groups
C. Using Active Directory security groups
D. Using Active Directory users

Answer 11

C. Active Directory security groups are the preferred method for managing permissions in vCenter Server.

Question 12

12. When working with the vSphere Web Client, which of the following is true of the vCenter Server default system roles?

A. They can be cloned.
B. They can be edited.
C. They can be removed.
D. None of these.

Answer 12

A. The default system roles of No Access, Read-Only, and Administrator can be cloned, but they cannot be edited or removed.

Question 13

13. Which of the following groups must be created in Active Directory before an ESXi can successfully use Active Directory for authentication?

A. ESXi Admin
B. ESXi Admins
C. ESX Admin
D. ESX Admins

Answer 13

D. There must be a group in Active Directory with the name ESX Admins, and the Active Directory user accounts that should have access to the ESXi host(s) will be placed in this group.

Question 14

14. Which of the following is VMware’s virtual desktop infrastructure solution?

A. Horizon View
B. Site Recovery Manager
C. vCenter Operations Management Suite
D. vCloud Director

Answer 14

A. Horizon View is Vmware’s virtual desktop infrastructure solution. Site Recovery Manager is Vmware’s disaster recovery solution. vCenter Operations Management Suite is Vmware’s performance, capacity, and health monitoring solution. vCloud Director is VMware’s software-defined data center provisioning solution.

Question 15

15. Which of the following privileges are required for taking a virtual machine snapshot? (Choose all that apply.)

A. Virtual Machine.Snapshot Management. Create Snapshot
B. Virtual Machine.Provisioning.Allow Disk Access
C. Datastore.Allocate Space
D. Datastore.Update Virtual Machine Files

Answer 15

A and C. The Virtual Machine.Snapshot Management.Create Snapshot and the Datastore. Allocate space privileges are both required to take a snapshot of a virtual machine.

Question 16

16. Which features of the Enterprise Plus Edition of vSphere are not included with the Enterprise Edition of vSphere? (Choose all that apply.)

A. Storage APIs for Multipathing
B. Storage I/O Control
C. Storage vMotion
D. Storage DRS

Answer 16

B and D. Storage I/O Control and Storage DRS are both included only in the Enterprise Plus Edition of vSphere 5.

Question 17

17. Which features of the Enterprise Edition of vSphere are not included with the Standard Edition of vSphere? (Choose all that apply.)

A. Storage APIs for Array Integration
B. Storage APIs for Multipathing
C. Distributed Resources Scheduler (DRS)
D. Distributed Power Management (DPM)

Answer 17

A, B, C and D. All four of these features are available only in Enterprise or higher editions of vSphere 5.

Question 18

18. The vSphere architecture is composed of which layers? (Choose all that apply.)

A. Virtualization
B. Client access
C. Management
D. Interface

Answer 18

A, C and D. The vSphere architecture is composed of three distinct layers: the virtualization layer, the management layer, and the interface layer.

Question 19

19. Which features of the Essentials Plus Edition of vSphere are not included with the Essentials Edition of vSphere? (Choose all that apply.)

A. Data Protection
B. High Availability
C. vMotion
D. vSphere Replication

Answer 19

A, B and D. None of these features are included with the Essentials Edition of vSphere 5.

Question 20

20. A customer needs to implement a virtual infrastructure that meets the following requirement: the customer wants to have both diskless and stateless ESXi hosts implemented. Which vSphere edition is required?

A. Enterprise Plus
B. Enterprise
C. Standard
D. None of the above

Answer 20

A. The Enterprise Plus edition of vSphere would be required in this case, because the customer could use the Auto Deploy feature to achieve the diskless and stateless ESXi hosts.