资源描述
VMware 2V0-621 Exam
QUESTION NO: 1
An administrator wants to provide users restricted access. The users should only be able to perform the following tasks:
管理员想要提供用户限制访问。用户应该只可以执行以下任务:
- Create and consolidate virtual machine snapshots
创建和巩固虚拟机快照
- Add/Remove virtual disks
添加/删除虚拟磁盘
- Snapshot Management
快照管理
Which default role in vCenter Server would meet the administrator's requirements for the users?
哪个默认角色的vCenter服务器满足用户管理员的要求?
A. Virtual machine user
虚拟机用户
B. Virtual machine power user
虚拟机电力用户
C. Virtual Datacenter administrator
虚拟数据中心管理员
D. VMware Consolidated Backup user
VMware合并备份用户
Answer: B
Explanation:
QUESTION NO: 2
Which two roles can be modified? (Choose two.)
哪两个角色可以被修改?
A. Administrator
管理员
B. Network Administrator
网络管理员
C. Datastore Consumer
数据存储用户
D. Read-Only
只读
Answer: B,C
Explanation:
QUESTION NO: 3
An administrator with global administrator privileges creates a custom role but fails to assign any privileges to it.
有全球管理员权限的管理员创建一个自定义的角色,但没有分配到任何权限。
Which two privileges would the custom role have? (Choose two.)
自定义用户有哪两个权限
A. System.View
B. System.Anonymous
C. System.User
D. System.ReadOnly
Answer: A,B
Explanation:
QUESTION NO: 4
An administrator wishes to give a user the ability to manage snapshots for virtual machines.Which privilege does the administrator need to assign to the user?
管理员希望让用户能够管理虚拟机的快照.哪个特权管理员需要分配给用户
A. Datastore.Allocate Space
Datastore.Allocate空间
B. Virtual machine.Configuration.create snapshot
虚拟machine.Configuration.create快照
C. Virtual machine.Configuration.manage snapshot
虚拟machine.Configuration.manage快照
D. Datastore.Browse Datastore
Datastore.Browse数据存储
Answer: A
Explanation:
QUESTION NO: 5
An object has inherited permissions from two parent objects.
一个对象已经从两个父对象继承了权限
What is true about the permissions on the object?
关于这个对象的权限说法正确的是?
A. The common permissions between the two are applied and the rest are discarded.
两个父对象之间的共同权限是可实施的,其它的是不能实施的。
B. The permissions are combined from both parent objects.
父对象的权限相结合。
C. No permissions are applied from the parent objects.
从父对象没有应用的权限
D. The permission is randomly selected from either of the two parent objects.
权限是随机从两个父对象选择的
Answer: B
Explanation:
QUESTION NO: 6
What is the highest object level from which a virtual machine can inherit privileges?
虚拟机可以继承特权的最高对象级别是什么?
A. Host Folder
B. Data Center
C. Data Center Folder
D. VM Folder
Answer: C
Explanation:
QUESTION NO: 7
Which three Authorization types are valid in vSphere? (Choose three.)
哪三种授权类型在vSphere是有效的
A. Group Membership in vsphere.local
组成员在vsphere.local
B. Global
全体的
C. Forest
森林
D. vCenter Server
vCenter服务器
E. Group Membership in system-domain
组成员在系统域
Answer: A,B,D
Explanation:
QUESTION NO: 8
Which three components should an administrator select when configuring vSphere permissions?(Choose three.)
在配置vSphere权限时哪三个组件要管理员选择
A. Inventory Object
B. Role
C. User/Group
D. Privilege
特权
E. Password
口令
Answer: A,B,C
Explanation:
QUESTION NO: 9
In which two vsphere.local groups should an administrator avoid adding members? (Choose two.)
在哪两个vsphere当地群组中管理员应该避免添加成员?
A. SolutionUsers
B. Administrators
C. DCAdmins
D. ExternalPDUsers
Answer: A,B
Explanation:
QUESTION NO: 10
An administrator has configured three vCenter Servers and vRealize Orchestrator within aPlatform Services Controller domain, and needs to grant a user privileges that span all environments.
管理员在latform服务控制器域中配置三个vCenter服务器和vRealize协调器,需要授予用户可以跨越所有环境得特权。
Which statement best describes how the administrator would accomplish this?
哪个陈述最好的描述了管理员能完成上述过程?
A. Assign a Global Permission to the user.
全球许可分配给用户。
B. Assign a vCenter Permission to the user.
vCenter权限分配给用户。
C. Assign vsphere.local membership to the user.
分配vsphere.local membership 给用户
D. Assign an ESXi Permission to the user.
向用户分配一个ESXi的许可。
Answer: A
Explanation:
QUESTION NO: 11
Which two methods are recommended for managing the VMware Directory Service?
哪两种方法推荐用来管理VMware目录服务?
(Choose two.)
A. Utilize the vmdir command.
利用vmdir命令。
B. Manage through the vSphere Web Client.
通过vSphere Web客户端管理
C. Manage using the VMware Directory Service.
通过VMware目录服务管理
D. Utilize the dc rep command.
利用dc rep 命令。
Answer: A,B
Explanation:
QUESTION NO: 12
What are two sample roles that are provided with vCenter Server by default? (Choose two.)
在默认情况下,哪两个示例角色提供给vCenter服务器?
A. Virtual machine User
虚拟机用户
B. Network Administrator
网络管理员
C. Content Library Administrator
内容库管理员
D. Storage Administrator
存储管理员
Answer: A,B
Explanation:
QUESTION NO: 13
Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choosethree.)
哪三个服务可以启用/禁用在ESXi主机的安全性配置文件
A. CIM Server
CIM服务器
B. Single Sign-On
单点登录
C. Direct Console UI
直接控制UI
D. Syslog Server
系统日志服务器
E. vSphere Web Access
vSphere 网络访问
Answer: A,C,D
Explanation:
QUESTION NO: 14
An administrator would like to use the VMware Certificate Authority (VMCA) as an IntermediateCertificate Authority (CA). The first two steps performed are:
管理员想使用VMware证书颁发机构(VMCA)作为IntermediateCertificate权威(CA)。前两个步骤如下
- Replace the Root Certificate
取代根证书
- Replace Machine Certificates (Intermediate CA)
更换机器证书(中级CA)
Which two steps would need to be performed next? (Choose two.)
接下来哪两个步骤要被执行?
A. Replace Solution User Certificates (Intermediate CA)
替代解决方案的用户证书(中级CA)
B. Replace the VMware Directory Service Certificate (Intermediate CA)
取代VMware目录服务证书(中级CA)
C. Replace the VMware Directory Service Certificate
取代VMware目录服务证书
D. Replace Solution User Certificates
替代解决方案的用户证书
Answer: A,C
Explanation:
QUESTION NO: 15
Which three options are available for ESXi Certificate Replacement? (Choose three.)
哪三个选项可用于ESXi证书替换?
A. VMware Certificate Authority mode
VMware认证授权模式
B. Custom Certificate Authority mode
自定义认证授权模式
C. Thumbprint mode
个性特征模式
D. Hybrid Deployment
混合部署
E. VMware Certificate Endpoint Authority Mode
VMware证书终端权威模式
Answer: A,B,C
Explanation:
QUESTION NO: 16
Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).
ESXi 6.x主机的锁定模式已启用和用户受限制登录到直接控制台用户界面
Which two statements are true given this configuration? (Choose two.)
对于给出的这个配置哪两个语句是正确的?
A. A user granted administrative privileges in the Exception User list can login.
在异常用户列表中一个授予管理权限的用户可以登录
B. A user defined in the DCUI.Access without administrative privileges can login.
DCUI访问中定义的一个没有管理权限用户可以登录。
C. A user defined in the ESXi Admins domain group can login.
在ESXi管理域组定义的用户可以登录
D. A user set to the vCenter Administrator role can login.
设置为vCenter管理员角色的用户可以登录
Answer: A,B
Explanation:
QUESTION NO: 17
Strict Lockdown Mode has been enabled on an ESXi host.
严格封锁模式在ESXi主机上已启用。
Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?
管理员应该执行哪个操作来允许ESXi Shell或SSH访问用户管理员权限
A. Grant the users the administrator role and enable the service.
授予用户管理员角色并启动服务。
B. Add the users to Exception Users and enable the service.
将用户添加到异常用户并支持服务
C. No action can be taken, Strict Lockdown Mode prevents direct access.
不采取任何行动,严格封锁方式防止直接访问。
D. Add the users to vsphere.local and enable the service.
添加用户vsphere本地和启动服务
Answer: B
Explanation:
QUESTION NO: 18
A common root user account has been configured for a group of ESXi 6.x hosts.
一个共同的根用户账户被配置在一群ESXi 6.x主机上。
Which two steps should be taken to mitigate security risks associated with this configuration?(Choose two.)
哪两个步骤应采取来减小这个配置的安全风险?
A. Remove the root user account from the ESXi host.
从ESXi主机删除根用户账户。
B. Set a complex password for the root account and limit its use.
根帐户设置复杂的密码,限制其使用。
C. Use ESXi Active Directory capabilities to assign users the administrator role.
使用ESXi Active Directory 功能给用户分配管理员角色。
D. Use Lockdown mode to restrict root account access.
使用锁定模式限制根帐户访问。
Answer: B,C
Explanation:
QUESTION NO: 19
An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned for administrative access to the host.
管理员使用Active Directory想要配置一个ESXi 6.x主机为管理员用户和群组。Active Directory (AD)域ESX 管理员组计划管理访问主机。
Which two conditions should be considered when planning this configuration? (Choose two.)
在规划这个配置时哪两个条件应考虑?
A. If administrative access for ESX Admins is not required, this setting can be altered.
如果管理访问ESX管理员不是必需的,可以改变该设置。
B. The users in ESX Admins are not restricted by Lockdown Mode.
ESX管理员中的用户不受锁定模式限制。
C. An ESXi host provisioned with Auto Deploy cannot store AD credentials.
配置自动部署的ESXi主机不能存储AD凭证。
D. The users in ESX Admins are granted administrative privileges in vCenter Server.
ESX管理员中的用户在vCenter服务器中授予管理权限。
Answer: A,C
Explanation:
QUESTION NO: 20
Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)
只是托管在vSphere系统的虚拟机的哪两个高级特性应该禁用,?
A. isolation.tools.unity.push.update.disable
B. isolation.tools.ghi.launchmenu.change
C. isolation.tools.bbs.disable
D. isolation.tools.hgfsServerSet.enable
Answer: A,B
Explanation:
QUESTION NO: 21
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)
减少攻击向量为一个虚拟机,哪两个设置管理员应该设置为false?
A. ideX:Y.present
B. serial.present
C. ideX:Y.enabled
D. serial.enabled
Answer: A,B
Explanation:
QUESTION NO: 22
Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)
当试图增加虚拟机(vm)的安全时哪这两组设置应该被审查?
A. Disable hardware devices
禁用硬件设备
B. Disable unexposed features
禁用未曝光的功能
C. Disable VMtools devices
禁用VMtools设备
D. Disable VM Template features
禁用VM模板功能
Answer: A,B
Explanation:
QUESTION NO: 23
Which password meets ESXi 6.x host password requirements?
哪个密码符合ESXi 6.x主机密码要求?
A. 8kMVnn2x!
B. zNgtnJBA2
C. Nvgt34kn44
D. !b74wr
Answer: A
Explanation:
QUESTION NO: 24
An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:
管理员想要使用具有以下特点ESXi 6.x主机的一个密码:
- Minimum of 21 characters
至少21个字符
- Minimum of 2 words
-至少2字符
Which advanced options must be set to allow this passphrase configuration to be used?
哪个高级选项必须设置来允许使用这个密码配置?
A. retry=3 min=disabled,disabled,7,21,7 passphrase=2
B. retry=3 min=disabled,disabled,21,7,7 passphrase=2
C. retry=3 min=disabled,disabled,2,21,7
D. retry=3 min=disabled,disabled,21,21,2
Answer: B
Explanation:
QUESTION NO: 25
Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?
哪个先进的设置应该为vCenter服务器创建来更改vpxuser密码过期策略?
A. VimPasswordExpirationInDays
B. VimExpirationPasswordDays
C. VimPassExpirationInDays
D. VimPasswordRefreshDays
Answer: A
Explanation:
QUESTION NO: 26
An administrator has been instructed to secure existing virtual machines in vCenter Server.
管理员被指示来确保现有的在 vCenter服务器上的虚拟机安全。
Which two actions should the administrator take to secure these virtual machines? (Choose two.)
哪两个动作管理员应该采取来保护这些虚拟机?
A. Disable native remote management services
禁用本地远程管理服务
B. Restrict Remote Console access
限制远程控制台访问
C. Use Independent Non-Persistent virtual disks
使用独立的非持久性虚拟磁盘
D. Prevent use of Independent Non-Persistent virtual disks
防止使用独立的非持久性虚拟磁盘
Answer: B,D
Explanation:
QUESTION NO: 27
An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
管理员最近审计环境,发现了许多敏感数据写入配置文件的虚拟机
To prevent this in the future, which advanced parameter should be applied to the virtual machines?
以防止在未来发生,哪个先进的参数应该被应用到虚拟机?
A. isolation.tools.setinfo.disable = true
B. isolation.tools.setinfo.enable = true
C. isolation.tools.setinfo.disable = false
D. isolation.tools.setinfo.enable = false
Answer: A
Explanation:
QUESTION NO: 28
Which two statements are correct regarding vSphere certificates? (Choose two.)
关于vSphere证书哪两个语句是正确的?
A. ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMwareCertificate Authority (VMCA).
ESXi主机升级不保存SSL证书,从VMCA补发一个
B. ESXi host upgrades preserve the existing SSL certificate.
ESXi主机升级保存现有的SSL证书。
C. ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.
在安装时ESXi主机已经从VMCA分配SSL证书。
D. ESXi hosts have self-signed SSL certificates by default.
ESXi主机默认签名SSL证书。
Answer: B,C
Explanation:
QUESTION NO: 29
Which three options are available for replacing vCenter Server Security Certificates? (Choosethree.)
哪三个选项可用于取代vCenter服务器安全证书
A. Replace with Certificates signed by the VMware Certificate Authority.
替换为VMware证书颁发机构签署的证书。
B. Make VMware Certificate Authority an Intermediate Certificate Authority.
让VMware证书颁发机构为中间证书颁发机构。
C. Do not use VMware Certificate Authority, provision your own Certificates.
不使用VMware证书颁发机构,提供自己的证书
D. Use SSL Thumbprint mode.
使用SSL拇指指纹模式。
E. Replace all VMware Certificate Authority issued Certificates with self-signed Certificates.
替换所有VMware证书颁发机构发行的证书使用自签名证书。
Answer: A,B,C
Explanation:
QUESTION NO: 30
When attempting to log in with the vSphere Web Client, users have reported the error:
当试图登录到vSphere Web客户端,用户报告错误:
Incorrect Username/Password
不正确的用户名/密码
The administrator has configured the Platform Services Controller Identity Source as:
管理员配置的平台服务控制器管身份资源是:
- Type.Active Directory as an LDAP Server
- Domain:
- Alias: VMWARE
- Default Domain: Yes
缺省域:是
Which two statements would explain why users cannot login to the vSphere Web Client? (Choosetwo.)
哪两个表述可以解释为什么用户无法登录到vSphere Web客户端?
A. Users are typing the password incorrectly.
用户输入的密码不正确。
B. Users are in a forest that has 1-way trust.
用户在一个forest 有1路的信任。
C. Users are in a forest that has 2-way trust.
用户在一个forest 有2路的信任。
D. Users are logging into vCenter Server with incorrect permissions.
用户用不正确的权限登录到vCenter服务器。
Answer: A,B
Explanation:
QUESTION NO: 31
Which group in the vsphere.local domain will have administrator privileges for the VMwareCertificate Authority (VMCA)?
Vsphere本地域的哪一组有VMCA的管理员权限?
A. SolutionUsers
解决方案用户
B. CAAdmins
C. DCAAdmins
D. SystemConfiguration.Administrators
系统配置.管理员
Answer: B
Explanation:
QUESTION NO: 32
Which Platform Service Controller Password Policy determines the number of days a password can exist before the user must change it?
在用户必须改变它之前,哪个平台服务控制器密码策略可以确定密码的存在天数。
A. Maximum Lifetime
做大生命周期
B. Password Age
密码年龄
C. Maximum Days
最大天数
D. Password Lifetime
密码生命周期
Answer: A
Explanation:
QUESTION NO: 33
An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client and the domain controller clock.
管理员配置时钟对单点登录令牌政策,想定义一个倾斜公差在客户端和域控制器时钟之间。
Which time measurement is used for the value?
这个值可以用那个时间单位表示?
A. Milliseconds
毫秒
B. Seconds
秒
展开阅读全文
浙ICP备2021020529号-1 | 浙B2-20240490 
