VCP 6.5
VCP 6.5
VCP 6.5
236q
Number: 2V0-621
Passing Score: 800
Time Limit: 120 min
File Version: 7.0
2V0-621
Version 7.0
Exam A
QUESTION 1
An administrator wants to provide users restricted access. The users should only be able to perform the following tasks:
Create and consolidate virtual machine snapshots
Add/Remove virtual disks
Snapshot Management
Which default role in vCenter Server would meet the administrator's requirements for the users?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Virtual Machine Power User: A sample role that grants a user access rights only to virtual machines; can alter the virtual hardware or create snapshots of the VM
Reference:
https://communities.vmware.com/thread/480179?start=0&tstart=0
https://www.pluralsight.com/blog/tutorials/vmware-access-control-101-roles-and-permissions
QUESTION 2
Which two roles can be modified? (Choose two.)
A. Administrator
B. Network Administrator
C. Datastore Consumer
D. Read-Only
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Three of the pre-established roles are permanent, meaning that the privileges associated with that role cannot be modified. These permanent roles are available to a
stand-alone ESX or ESXi server, or to vCenter Server. The remaining eight are sample roles which can be modified as needed. These eight roles are exclusive to vCenter
Server.
Below are the pre-established roles:
No Access: A permanent role that is assigned to new users and groups. Prevents a user or group from viewing or making changes to an object
Read-Only: A permanent role that allows users to check the state of an object or view its details, but not make changes to it
Administrator: A permanent role that enables a user complete access to all of the objects on the server. The root user is assigned this role by default, as are all of the
users who are part of the local Windows Administrators group associated with vCenter Server. At least one user must have administrative permissions in VMware.
Virtual Machine Administrator: A sample role that allows a user complete and total control of a virtual machine or a host, up to and including removing that VM or
host
Virtual Machine Power User: A sample role that grants a user access rights only to virtual machines; can alter the virtual hardware or create snapshots of the VM
Virtual Machine User: Grants user access rights exclusively to VMs. The user can power on, power off, and reset the virtual machine, as well as run media from the
virtual discs.
Resource Pool Administrator: Allows the user to create resource pools (RAM and CPU reserved for use) and assign these pools to virtual machines
Datacenter Administrator: Permits a user to add new datacenter objects
VMware Consolidated Backup User: Required to allow VMware Consolidated Backup to run
Datastore Consumer: Allows the user to consume space on a datastore
Network Consumer: Allows the user to assign a network to a virtual machine or a host
Reference:
https://communities.vmware.com/thread/480179?start=0&tstart=0
https://www.pluralsight.com/blog/tutorials/vmware-access-control-101-roles-and-permissions
QUESTION 3
An administrator with global administrator privileges creates a custom role but fails to assign any privileges to it.
Which two privileges would the custom role have? (Choose two.)
A. System.View
B. System.Anonymous
C. System.User
D. System.ReadOnly
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
When you add a custom role and do not assign any privileges to it, the role is created as a Read Only role with three system-defined privileges: System.Anonymous,
System.View, and System.Read.
Reference:
https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc_50%2FGUID-5ACE7CFA-75EC-4EF3-95E7-19962D76225E.html
QUESTION 4
An administrator wishes to give a user the ability to manage snapshots for virtual machines.
A. Datastore.Allocate Space
B. Virtual machine.Configuration.create snapshot
C. Virtual machine.Configuration.manage snapshot
D. Datastore.Browse Datastore
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference:
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.vmadmin.doc_41/vsp_dc_admin_guide/
managing_users_groups_roles_and_permissions/r_required_privileges_for_common_tasks.html
QUESTION 5
An object has inherited permissions from two parent objects.
A. The common permissions between the two are applied and the rest are discarded.
B. The permissions are combined from both parent objects.
C. No permissions are applied from the parent objects.
D. The permission is randomly selected from either of the two parent objects.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
If an object inherits permissions from two parent objects, the permissions on one object are added to the permissions on the other object. For example, if a virtual machine
is in a virtual machine folder and also belongs to a resource pool, that virtual machine inherits all permission settings from both the virtual machine folder and the resource
pool.
Reference:
https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-72EE3449-79FD-4E7A-B164-26904958540F.html
QUESTION 6
What is the highest object level from which a virtual machine can inherit privileges?
A. Host Folder
B. Data Center
C. Data Center Folder
D. VM Folder
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference:
http://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/
managing_users_groups_roles_and_permissions/c_hierarchical_inheritance_of_permissions.html
QUESTION 7
Which three Authorization types are valid in vSphere? (Choose three.)
Explanation/Reference:
The primary way of authorizing a user or group in vSphere is the vCenter Server permissions. Depending on the task you want to perform, you might require other
authorization.
vSphere 6.0 and later allows privileged users to give other users permissions to perform tasks in the following ways. These approaches are, for the most part, mutually
exclusive; however, you can assign use global permissions to authorize certain users for all solution, and local vCenter Server permissions to authorize other users for
individual vCenter Server systems.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-74F53189-EF41-4AC1-A78E-D25621855800.html
Global Permissions
QUESTION 8
Which three components should an administrator select when configuring vSphere permissions? (Choose three.)
A. Inventory Object
B. Role
C. User/Group
D. Privilege
E. Password
Explanation/Reference:
To manage permissions from the vSphere Web Client, you need to understand the following concepts:
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-3B78EEB3-23E2-4CEB-9FBD-E432B606011A.html
QUESTION 9
In which two vsphere.local groups should an administrator avoid adding members? (Choose two.)
A. SolutionUsers
B. Administrators
C. DCAdmins
D. ExternalPDUsers
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-87DA2F34-DCC9-4DAB-8900-1BA35837D07E.html
QUESTION 10
An administrator has configured three vCenter Servers and vRealize Orchestrator within a Platform Services Controller domain, and needs to grant a user privileges that
span all environments.
Which statement best describes how the administrator would accomplish this?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Global Permissions
Global permissions are applied to a global root object that spans solutions, for example, both vCenter Server and vCenter Orchestrator. Use global permissions to give a
user or group privileges for all objects in all object hierarchies.
Each solution has a root object in its own object hierarchy. The global root object acts as a parent object to each solution object. You can assign global permissions to
users or groups, and decide on the role for each user or group. The role determines the set of privileges. You can assign a predefined role or create custom roles.
See Using Roles to Assign Privileges. It is important to distinguish between vCenter Server permissions and global permissions.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-C7702E31-1623-4189-89CB-E1136AA27972.html
QUESTION 11
Which two methods are recommended for managing the VMware Directory Service? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
A) dir-cli Command Reference
The dir-cli utility allows you to create and update solution users, create other user accounts, and manage certificates and passwords in vmdir. ( link: to see vmdir
commands-- https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-4FBEA58E-9492-409B-B584-C18477F041D8.html )
B) Directory service associated with the vsphere.local domain. This service is a multi-tenanted, multi-mastered directory service that makes an LDAP directory available
on port 11711. In multisite mode, an update of VMware Directory Service content in one VMware Directory Service instance results in the automatic update of the VMware
Directory Service instances associated with all other vCenter Single Sign-On nodes via Vsphere Web Client.
QUESTION 12
What are two sample roles that are provided with vCenter Server by default? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Reference:
http://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/
managing_users_groups_roles_and_permissions/r_default_roles_for_esx_esxi_and_vcenter_server.html
QUESTION 13
Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)
A. CIM Server
B. Single Sign-On
C. Direct Console UI
D. Syslog Server
E. vSphere Web Access
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-37AB1F95-DDFD-4A5D-BD49-3249386FFADE.html
QUESTION 14
An administrator would like to use the VMware Certificate Authority (VMCA) as an Intermediate Certificate Authority (CA). The first two steps performed are:
Replace the Root Certificate
Replace Machine Certificates (Intermediate CA)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Use VMCA as an Intermediate Certificate Authority
You can replace the VMCA root certificate with a third-party CA-signed certificate that includes VMCA in the certificate chain. Going forward, all certificates that VMCA
generates include the full chain. You can replace existing certificates with newly generated certificates. This approach combines the security of third-party CA-signed
certificate with the convenience of automated certificate management.
Procedure
1
Replace the Root Certificate (Intermediate CA)
The first step in replacing the VMCA certificates with custom certificates is generating a CSR and adding the certificate that is returned to VMCA as a root certificate.
2
Replace Machine SSL Certificates (Intermediate CA)
After you have received the signed certificate from the CA and made it the VMCA root certificate, you can replace all machine SSL certificates.
3
Replace Solution User Certificates (Intermediate CA)
After you replace the machine SSL certificates, you can replace the solution user certificates.
4
Replace the VMware Directory Service Certificate
If you decide to use a new VMCA root certificate, and you unpublish the VMCA root certificate that was used when you provisioned your environment, you must replace
the machine SSL certificates, solution user certificates, and certificates for some internal services.
5
Replace the VMware Directory Service Certificate in Mixed Mode Environments
During upgrade, your environment might temporarily include both vCenter Single Sign-On version 5.5 and vCenter Single Sign-On version 6.0, you have to perform
additional steps to replace the VMware Directory Service SSL certificate if you replace the SSL certificate of the node on which the vCenter Single Sign-On service is
running.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-5BB38D479AE0.html
QUESTION 15
Which three options are available for ESXi Certificate Replacement? (Choose three.)
Explanation/Reference:
Explanation:
ESXi Certificate Replacement
For ESXi hosts, you can change certificate provisioning behavior from the vSphere Web Client.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-5FE583A2-3737-4B62-A905-5BB38D479AE0.html
QUESTION 16
Lockdown Mode has been enabled on an ESXi 6.x host and users are restricted from logging into the Direct Console User Interface (DCUI).
Which two statements are true given this configuration? (Choose two.)
A. A user granted administrative privileges in the Exception User list can login.
B. A user defined in the DCUI.Access without administrative privileges can login.
C. A user defined in the ESXi Admins domain group can login.
D. A user set to the vCenter Administrator role can login.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
In normal lockdown mode the DCUI service is not stopped. If the connection to the vCenter Server is lost and access through the vSphere Web Client is no longer
available, privileged accounts can log in to the ESXi host's Direct Console Interface and exit lockdown mode. Only these accounts can access the Direct Console User
Interface:
Accounts in the Exception User list for lockdown mode who have administrative privileges on the host. The Exception Users list is meant for service accounts that
perform very specific tasks. Adding ESXi administrators to this list defeats the purpose of lockdown mode.
Users defined in the DCUI.Access advanced option for the host. This option is for emergency access to the Direct Console Interface in case the connection to vCenter
Server is lost. These users do not require administrative privileges on the host.
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1008077
QUESTION 17
Strict Lockdown Mode has been enabled on an ESXi host.
Which action should an administrator perform to allow ESXi Shell or SSH access for users with administrator privileges?
A. Grant the users the administrator role and enable the service.
B. Add the users to Exception Users and enable the service.
C. No action can be taken, Strict Lockdown Mode prevents direct access.
D. Add the users to vsphere.local and enable the service.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
In strict lockdown mode the DCUI service is stopped. If the connection to vCenter Server is lost and the vSphere Web Client is no longer available, the ESXi host becomes
unavailable unless the ESXi Shell and SSH services are enabled and Exception Users are defined. If you cannot restore the connection to the vCenter Server system, you
have to reinstall the host.
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1008077
QUESTION 18
A common root user account has been configured for a group of ESXi 6.x hosts.
Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
root User Privileges
By default each ESXi host has a single root user account with the Administrator role. That root user account can be used for local administration and to connect the host
to vCenter Server.
This common root account can make it easier to break into an ESXi host and make it harder to match actions to a specific administrator.
Set a highly complex password for the root account and limit the use of the root account, for example, for use when adding a host to vCenter Server. Do not remove the
root account. In vSphere 5.1 and later, only the root user and no other named user with the Administrator role is permitted to add a host to vCenter Server.
Best practice is to ensure that any account with the Administrator role on an ESXi host is assigned to a specific user with a named account. Use ESXi Active Directory
capabilities, which allow you to manage Active Directory credentials if possible.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-55F14938-8A2F-4703-8A60-3516F9C3E312.html
QUESTION 19
An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins is planned
for administrative access to the host.
Which two conditions should be considered when planning this configuration? (Choose two.)
A. If administrative access for ESX Admins is not required, this setting can be altered.
B. The users in ESX Admins are not restricted by Lockdown Mode.
C. An ESXi host provisioned with Auto Deploy cannot store AD credentials.
D. The users in ESX Admins are granted administrative privileges in vCenter Server.
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Configure a Host to Use Active Directory
You can configure a host to use a directory service such as Active Directory to manage users and groups.
When you add an ESXi host to Active Directory the DOMAIN group ESX Admins is assigned full administrative access to the host if it exists. If you do not want to make
full administrative access available, see VMware Knowledge Base article 1025569 for a workaround.
If a host is provisioned with Auto Deploy, Active Directory credentials cannot be stored on the hosts. You can use the vSphere Authentication Proxy to join the host to an
Active Directory domain. Because a trust chain exists between the vSphere Authentication Proxy and the host, the Authentication Proxy can join the host to the Active
Directory domain. See Using vSphere Authentication Proxy.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-63D22519-38CC-4A9F-AE85-97A53CB0948A.html
QUESTION 20
Which two advanced features should be disabled for virtual machines that are only hosted on a vSphere system? (Choose two.)
A. isolation.tools.unity.push.update.disable
B. isolation.tools.ghi.launchmenu.change
C. isolation.tools.bbs.disable
D. isolation.tools.hgfsServerSet.enable
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Disable Unexposed Features
VMware virtual machines are designed to work on both vSphere systems and hosted virtualization platforms such as Workstation and Fusion. Certain VMX parameters do
not need to be enabled when you run a virtual machine on a vSphere system. Disable these parameters to reduce the potential for vulnerabilities.
Prerequisites
Turn off the virtual machine.
Procedure
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-60E83710-8295-41A2-9C9D-83DEBB6872C2.html
QUESTION 21
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)
A. ideX:Y.present
B. serial.present
C. ideX:Y.enabled
D. serial.enabled
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Removing Unnecessary Hardware Devices
Any enabled or connected device represents a potential attack channel. Users and processes without privileges on a virtual machine can connect or disconnect hardware
devices, such as network adapters and CD-ROM drives. Attackers can use this capability to breach virtual machine security. Removing unnecessary hardware devices
can help prevent attacks.
Use the following guidelines to increase virtual machine security.
Ensure that unauthorized devices are not connected and remove any unneeded or unused hardware devices.
Disable unnecessary virtual devices from within a virtual machine. An attacker with access to a virtual machine can connect a disconnected CD-ROM drive and access
sensitive information on the media left in the drive, or disconnect a network adapter to isolate the virtual machine from its network, resulting in a denial of service.
Ensure that no device is connected to a virtual machine if it is not required. Serial and parallel ports are rarely used for virtual machines in a datacenter environment,
and CD/DVD drives are usually connected only temporarily during software installation.
For less commonly used devices that are not required, either the parameter should not be present or its value must be false. Ensure that the following parameters are
either not present or set to false unless the device is required.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-822B2ED3-D8D2-4F57-8335-CA46E915A729.html
QUESTION 22
Which two groups of settings should be reviewed when attempting to increase the security of virtual machines (VMs)? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Securing Virtual Machines
The guest operating system that runs in the virtual machine is subject to the same security risks as a physical system. Secure virtual machines as you would secure
physical machines.
Subtopics
General Virtual Machine Protection
Configuring Logging Levels for the Guest Operating System
Limiting Exposure of Sensitive Data Copied to the Clipboard
Disable Unexposed Features
Limiting Guest Operating System Writes to Host Memory
Removing Unnecessary Hardware Devices
Prevent a Virtual Machine User or Process from Disconnecting Devices
Prevent a Virtual Machine User or Process from Disconnecting Devices in the vSphere Web Client
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.security.doc/GUID-CF45F448-2036-4BE3-8829-4A9335072349.html
QUESTION 23
Which password meets ESXi 6.x host password requirements?
A. 8kMVnn2x!
B. zNgtnJBA2
C. Nvgt34kn44
D. !b74wr
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
ESXi Passwords
By default, ESXi enforces requirements for user passwords.
Your user password must meet the following length requirements.
■ Passwords containing characters from one or two character classes must be at least eight characters long.
■ Passwords containing characters from three character classes must be at least seven characters long.
■ Passwords containing characters from all four character classes must be at least six characters long.
When you create a password, include a mix of characters from four character classes: lowercase letters, uppercase letters, numbers, and special characters such as an
underscore or dash.
The password cannot contain the words root, admin, or administrator in any form.
Reference:
https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-DC96FFDB-F5F2-43EC-8C73-05ACDAE6BE43.html
QUESTION 24
An administrator would like to use a passphrase for their ESXi 6.x hosts which has these characteristics:
Minimum of 21 characters
Minimum of 2 words
Which advanced options must be set to allow this passphrase configuration to be used?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
B-) ESXi Passwords and Account Lockout
For ESXi hosts, you have to use a password with predefined requirements. You can change the required length and character class requirement or allow pass phrases
using the Security.PasswordQualityControl advanced option.ESXi uses the Linux PAM module pam_passwdqc for password management and control. See the manpages
for pam_passwdqc for detailed information.
ESXi Passwords: ESXi enforces password requirements for direct access from the Direct Console User Interface, the ESXi Shell, SSH, or the vSphere Client. When you
create a password, include a mix of characters from four character classes: lowercase letters, uppercase letters, numbers, and special characters such as underscore or
dash.(link : https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-DC96FFDB-F5F2-43EC-8C73-05ACDAE6BE43.html )
QUESTION 25
Which Advanced Setting should be created for the vCenter Server to change the expiration policy of the vpxuser password?
A. VimPasswordExpirationInDays
B. VimExpirationPasswordDays
C. VimPassExpirationInDays
D. VimPasswordRefreshDays
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-96210743-0C17-4AE9-89FC-76778EC9D06E.html
QUESTION 26
An administrator has been instructed to secure existing virtual machines in vCenter Server.
Which two actions should the administrator take to secure these virtual machines? (Choose two.)
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
http://www.vmware.com/files/pdf/techpaper/VMW-TWP-vSPHR-SECRTY-HRDNG-USLET-101-WEB-1.pdf
QUESTION 27
An administrator has recently audited the environment and found numerous virtual machines with sensitive data written to the configuration files.
To prevent this in the future, which advanced parameter should be applied to the virtual machines?
A. isolation.tools.setinfo.disable = true
B. isolation.tools.setinfo.enable = true
C. isolation.tools.setinfo.disable = false
D. isolation.tools.setinfo.enable = false
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Litmit SETINFO Messages
Now if you read through the hardening guide, you’ll come cross a section that covers informational messages, otherwise known as SETINFO messages.
Now my understanding is that currently there is no limitation on the amount of data that can be sent from VMware tools to the host, so you can imagine it wouldn’t be hard
to write some code to continuously send huge amounts of data. So lets looks at how to limit this to something more acceptable as per the hardening guide.
tools.setInfo.sizeLimit = “1048576”
Now you can actually totally disable this using the following
isolation.tools.setInfo.disable = “true”
But this stops the Virtual Center client from displaying any information about the Virtual Machine, e.g. IP Address, DNS information. So for a production environment I
would recommend setting a limit rather then totally disabling.
Reference:
https://goingvirtual.wordpress.com/2009/07/11/locking-down-vmware-tools/
QUESTION 28
Which two statements are correct regarding vSphere certificates? (Choose two.)
A. ESXi host upgrades do not preserve the SSL certificate and reissue one from the VMware Certificate Authority (VMCA).
B. ESXi host upgrades preserve the existing SSL certificate.
C. ESXi hosts have assigned SSL certificates from the VMware Certificate Authority (VMCA) during install.
D. ESXi hosts have self-signed SSL certificates by default.
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
B-) ESXi hosts that are upgraded from vSphere 5.x to vSphere 6.0 will continue using their Certificate Authority signed certificates if they were replaced in the previous
versions. However, ESXi 5.x hosts that were running self-signed certificates and then upgraded to vSphere 6.0 will have their certificates regenerated using VMware-
signed.
Fo rmore info link:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2113926
C-) In vSphere 6.0, VMware tried to address SSL certificates in a different manner. It introduced a new component called the "Platform Services Controller."
The Platform Services Controller includes a fully-functional certificate authority, called the VMware Certification Authority (VMCA), that automatically manages
the certificates used in vCenter and the ESXi hosts.
There are two steps to complete. First, you need to retrieve the root certificate from vCenter and convert it into something usable. Once you've done that, you need to
deploy it as a Trusted Root Certificate. The easiest way to do this with multiple computers is to use Group Policy. Here are the steps to retrieve the certificate:
1.Open your Web browser.
2.Navigate to https://<fqdn of vcenter>
3. In the lower right-hand corner, click the Download Trusted Root CA link.------ for more:
https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.security.doc/GUID-C91AFFAD-A830-4BBE-BF7C-F779A3AD03F1.html?resultof=%2522%2573%
2573%256c%2522%2520
QUESTION 29
Which three options are available for replacing vCenter Server Security Certificates? (Choose three.)
Explanation/Reference:
Explanation:
ESXi Certificate Replacement
For ESXi hosts, you can change certificate provisioning behavior from the vSphere Web Client.
Referance:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-4469A6D3-048A-471C-9CB4-518A15EA2AC0.html
QUESTION 30
When attempting to log in with the vSphere Web Client, users have reported the error:
Incorrect Username/Password
The administrator has configured the Platform Services Controller Identity Source as:
Type. Active Directory as an LDAP Server
Domain: vmware.com
Alias: VMWARE
Default Domain: Yes
Which two statements would explain why users cannot login to the vSphere Web Client? (Choose two.)
Explanation/Reference:
Explanation:
A-) As written in the KB 2034608 (Unlocking and resetting the VMware vCenter Single Sign-On administrator password) you can have this problem also in a case of
multiple login failure (by default the account get locket if the password is incorrectly entered three times).
For VMware Platform Services Controller 6.0, if you want just to unlock the password:
FAQ’S: VMware Platform Services Controller (PSC) for vSphere 6.0. The PSC contains common infrastructure services such as vCenter Single Sign-On (SSO), VMware
Certificate Authority (VMCA), licensing, and server reservationandregistrationservices. https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=2113115
B-) Depending on the type of Microsoft Active Directory trusts used in an environment, some features, such as Active Directory user querying and user authentication, may
be limited from the vSphere Client and vSphere Web Client. For more info: https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=2064250
QUESTION 31
Which group in the vsphere.local domain will have administrator privileges for the VMware Certificate Authority (VMCA)?
A. SolutionUsers
B. CAAdmins
C. DCAAdmins
D. SystemConfiguration.Administrators
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Members of the CAAdmins group have administrator privileges for VMCA. Adding members to these groups is not usually recommended.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-87DA2F34-DCC9-4DAB-8900-1BA35837D07E.html
QUESTION 32
Which Platform Service Controller Password Policy determines the number of days a password can exist before the user must change it?
A. Maximum Lifetime
B. Password Age
C. Maximum Days
D. Password Lifetime
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Configure SSO policies
- Password Policy: You can configure the following parameters:
- Description – Password policy description. Required.
- Maximum lifetime – Maximum number of days that a password can exist before it has to be changed.
- Restrict re-use – Number of the user’s previous passwords that cannot be set again.
- Maximum length – Maximum number of characters that are allowed in the password.
- Minimum length – Minimum number of characters required in the password.
- Character requirements – Minimum number of different character types required in the password.
- Identical adjacent characters – Maximum number of identical adjacent characters allowed in the password.
Reference:
http://davidstamen.com/certification/section-1-configure-and-administer-vsphere-6x-security/
QUESTION 33
An administrator is configuring the clock tolerance for the Single Sign-On token configuration policy and wants to define the time skew tolerance between a client and the
domain controller clock.
A. Milliseconds
B. Seconds
C. Minutes
D. Hours
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Time difference, in milliseconds, that vCenter Single Sign-On tolerates between a client clock and the domain controller clock. If the time difference is greater than the
specified value, vCenter Single Sign-On declares the token invalid.
Reference:
https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-50F2D815-4F67-4267-A005-B8158DADCBC9.html
QUESTION 34
Which VMware Single Sign-On component issues Security Assertion Markup Language (SAML) tokens?
Explanation/Reference:
Explanation:
The STS service issues Security Assertion Markup Language (SAML) tokens. These security tokens represent the identity of a user in one of the identity source types
supported byvCenter Single Sign-On. The SAML tokens allow both human users and solution users who authenticate successfully to vCenter Single Sign-On to use any
vCenter service that vCenter Single Sign-On supports without authenticating again to each service.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-90C1E3DC-4397-4BF0-808E-DF3802E56BC6.html
QUESTION 35
Which two are valid Identity Sources when configuring vCenter Single Sign-On? (Choose two.)
A. Radius
B. NIS
C. OpenLDAP
D. LocalOS
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-B23B1360-8838-4FF2-B074-71643C4CB040.html
QUESTION 36
An administrator needs to create an Integrated Windows Authentication (IWA) Identity Source on a newly deployed vCenter Server Appliance (VCSA).
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation: A-) Configuring Active Directory as Identity Source for use with SSO 6.0 can be done in 2 ways
a. Use the Machine Account(Any AD Account) b. Use with Service Principal Name
b. Prerequisites :1. A domain account with domain administrator privileges is required when assigning a SPN to an account. 2. A domain account with domain user
privileges is a minimum requirement for the account to be used as the SPN account.
c. https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.security.doc/GUID-4D24C6E8-63F5-4E35-862E-B59A03703254.html?resultof=%2522%2573%
2570%256e%2522%2520
C-) VCSA- If you want to configure permissions for users and groups from an Active Directory domain to access the vCenter Server components, you must join its
associated embedded or external Platform Services Controller instance to the Active Directory domain.
https://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.vcsa.doc%2FGUID-08EA2F92-78A7-4EFF-880E-2B63ACC962F3.html
QUESTION 37
An administrator wants to reduce the memory overhead for a 3D graphics enabled virtual machine (VM).
What advanced feature can be added to the VM configuration file to reduce memory overhead?
A. vga.vgaOnly=TRUE
B. vga.svgaEnable=FALSE
C. svgaEnabled=FALSE
D. svgaDisable=TRUE
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reduce Memory Overhead for Virtual machines with 3D graphics Option
Virtual machines with the 3D graphics option enabled can have higher memory consumption than other virtual machines. You can reduce the memory overhead by editing
the configuration file (.vmx file) of your virtual machines and disabling certain memory related settings. Reducing the memory overhead of virtual machines can help you
increase the number of virtual machines per host.
Prerequisites
Verify that your virtual machines are using hardware version 10 or later.
Procedure
1 Shut down the virtual machine on which the 3D graphics option is enabled.
2 Disable the Accelerate 3D Graphics option.
3 Upgrade your ESXi host to use the features available in hardware version 10 or later.
4 Set the maximum size of your display to the size you need.
5 Locate the configuration file (.vmx) of your virtual machine.
6 Open the virtual machine configuration file in a text editor and add the line, vga.vgaOnly=TRUE.
This option removes all graphics and SVGA functionality from your SVGA device, but does not remove the settings that allow BIOS to enter VGA mode.
7 Save the changes and exit the text editor.
8 Power on your virtual machine and check the display console.
9 Verify the memory reservation settings in the vmware.log file.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.vm_admin.doc%2FGUID-FAB0E2C3-3474-461D-99BC-549F7E21FE85.html
QUESTION 38
An administrator is building a large virtual machine that will require as many vCPUs as the host can support. An ESXi 6.x host has these specifications:
Six 32-core Intel Xeon Processors
256 GB of Memory
512 GB Local disk space using VMFS5
What is the maximum number of virtual CPUs that the virtual machine can be allocated?
A. 64
B. 128
C. 192
D. 256
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://www.vmware.com/pdf/vsphere6/r60/vsphere-60-configuration-maximums.pdf
QUESTION 39
Which two features are available for virtual machines configured with DirectPath I/O? (Choose two.)
A. Fault Tolerance
B. Suspend and Resume
C. Virtual Symmetric Multi-Processing (vSMP)
D. Virtual Non-Uniform Memory Access (vNUMA)
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
DirectPath I/O
DirectPath I/O allows virtual machine access to physical PCI functions on platforms with an I/O Memory Management Unit.
The following features are unavailable for virtual machines configured with DirectPath:
■ Hot adding and removing of virtual devices
■ Suspend and resume
■ Record and replay
■ Fault tolerance
■ High availability
■ DRS (limited availability. The virtual machine can be part of a cluster, but cannot migrate across hosts)
■ Snapshots
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-BF2770C3-39ED-4BC5-A8EF-77D55EFE924C.html
QUESTION 40
An administrator is creating a new Content Library. It will subscribe to another remote Content Library without authentication enabled.
What information from the published library will they need in order to complete the subscription?
A. Subscription URL
B. A security password from the publishing Content Library
C. Publisher's Items.json file
D. Username from the publishing Content Library
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Subscribed content library
Creates a content library, which is subscribed to a published content library. You can only sync the subscribed library with the published library to see up-to-date content,
but you cannot add or remove content from the subscribed library. Only an administrator of the published library can add, modify, and remove contents from the published
library.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.vm_admin.doc%2FGUID-2A0F1C13-7336-45CE-B211-610D39A6E1F4.html
QUESTION 41
An administrator is assigning a user the Content Library administrator role. The user will only be creating the library for a single vCenter Server.
What is the lowest level of the permission heirarchy that this role can be granted to the user and still allow them to create a Content Library?
A. Global
B. Datacenter Folder
C. Virtual Center
D. Datacenter
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 42
A user notifies an administrator that Content Libraries are not visible.
A. Assign the user the read-only role at the global permission level.
B. Assign the user the read-only role at the vCenter Server root level.
C. Assign the user the read-only role at the vCenter Server data center level.
D. Assign the user the read-only role at the vCenter Server cluster level.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.vm_admin.doc%2FGUID-18F4B892-D685-4473-AC25-3195D68DFD90.html
QUESTION 43
When a Content Library is deleted, what happens to the files contained on the backing storage?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Delete a Content Library
When you no longer need a content library, you can invoke the delete method on either the LocalLibrary or the SubscribedLibraryservice depending on the library type.
Procedure
1Access the SubscribedLibrary or the LocalLibrary service by using the vCloud Suite Endpoint.
2Retrieve the library ID you want to delete.
3Call the delete function on the library service and pass the library ID as argument.
All library items cashed on the storage backing are removed asynchronously. If this operation fails, you must manually remove the content of the library.
https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vapi.progguide.doc/GUID-C3A2DD49-BF41-43CD-9AEC-D6F28A9F3AF4.html?resultof=%2522%
QUESTION 44
Which three connection types are supported between a remote site and vCloud Air? (Choose three.)
Explanation/Reference:
Explanation:
Reference:
http://pubs.vmware.com/vca/topic/com.vmware.ICbase/PDF/vcloud_air_networking_guide.pdf
QUESTION 45
An administrator subscribes to the vCloud Air Disaster Recovery service.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
VMware provides a disaster recovery service that lets you protect your workloads from a disaster or disruptive event by replicating them to the cloud. You can replicate
virtual machines from your vSphere-based source site to vCloud Air, and recover and use the replicated virtual machines in the cloud if the source site is unavailable.
The Disaster Recovery service is based on vSphere Replication, an extension to VMware vSphere that provides hypervisor-based virtual machine replication and
recovery.
You use vSphere Replication at your source site to configure your environment and replicate virtual machines to vCloud Air. You can use vSphere Replication, thevCloud
Air portal, or the vCloud Air plug-in to monitor and manage the replicated virtual machines in the cloud.
Reference:
http://pubs.vmware.com/vchsplugin-15/index.jsp?topic=%2Fcom.vmware.vchsplugin.doc%2FGUID-92B7E03C-8DDE-4F91-A64C-8E5AF7BD0F66.html
QUESTION 46
Refer to the Exhibit.
An administrator is adding an Active Directory over LDAP Identity Source for vCenter Single Sign-On, as indicated in the Exhibit.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Domain alias
(Optional) The domain's NetBIOS name.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-B23B1360-8838-4FF2-B074-71643C4CB040.html
QUESTION 47
Refer to the Exhibit.
An administrator is changing the settings on a vSphere Distributed Switch (vDS). During this process, the ESXi Management IP address is set to an address which can no
longer communicate with the vCenter Server.
A. The host will disconnect from the vCenter Server and remain disconnected.
B. The host will automatically detect the communication issue and revert the change.
C. The host will stay connected with the change, but show an alert.
D. The host will disconnect and migrate the vDS portgroup to a standard switch.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: Procedure
1.Connect to the DCUI of the host.
2From the Network Restore Options menu, select Restore vDS.
3.Configure the uplinks and optionally the VLAN for the management network.
4. Apply the configuration.
The DCUI creates a local ephemeral port and applies the values you provided for the VLAN and uplinks. The DCUI moves the VMkernel adapter for the management
network to the new local port to restore connectivity to vCenter Server.
Next Steps:
After the connection of the host to vCenter Server is restored, correct the configuration of the distributed port group and re-add the VMkernel adapter to the group.
For information about networking rollback, recovery, and restore, see the vSphere Networking documentation: Wait until vCenter Server applies the settings within the
next 24 hours.
QUESTION 48
Which secondary Private VLAN (PVLAN) type can communicate and send packets to an Isolated PVLAN?
A. Community
B. Isolated
C. Promiscuous
D. Primary
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Private VLANs
Private VLANs are used to solve VLAN ID limitations and waste of IP addresses for certain network setups.
A private VLAN is identified by its primary VLAN ID. A primary VLAN ID can have multiple secondary VLAN IDs associated with it. Primary VLANs are Promiscuous, so
that ports on a private VLAN can communicate with ports configured as the primary VLAN. Ports on a secondary VLAN can be either Isolated, communicating only with
promiscuous ports, or Community, communicating with both promiscuous ports and other ports on the same secondary VLAN.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-A9287D46-FDE0-4D64-9348-3905FEAC7FAE.html
QUESTION 49
Which three traffic types can be configured for dedicated VMkernel adapters? (Choose three.)
A. Discovery traffic
B. vMotion traffic
C. vSphere Replication NFC traffic
D. Provisioning traffic
E. vSphere Custom traffic
Explanation/Reference:
Explanation:
Securing System Traffic
Take appropriate security measures to prevent unauthorized access to the management and system traffic in your vSphere environment. For example, isolate the vMotion
traffic in a separate network that includes only the ESXi hosts that participate in the migration. Isolate the management traffic in a network that only network and security
administrators are able to access. For more information, see vSphere Security and vSphere Installation and Setup.
System Traffic Types
You should dedicate a separate VMkernel adapter for every traffic type. For distributed switches, dedicate a separate distributed port group for each VMkernel adapter.
Management traffic
Carries the configuration and management communication for ESXi hosts, vCenter Server, and host-to-host High Availability traffic. By default, when you install
the ESXi software, a vSphere Standard switch is created on the host together with a VMkernel adapter for management traffic. To provide redundancy, you can connect
two or more physical NICs to a VMkernel adapter for management traffic.
vMotion traffic
Accommodates vMotion. A VMkernel adapter for vMotion is required both on the source and the target hosts. The VMkernel adapters for vMotion should handle only the
vMotion traffic. For better performance, you can configure multiple NIC vMotion. To have multi NIC vMotion, you can dedicate two or more port groups to the vMotion
traffic, respectively every port group must have a vMotion VMkernel adapter associated with it. Then you can connect one or more physical NICs to every port group. In
this way, multiple physical NICs are used for vMotion, which results in greater bandwidth.
Note
vMotion network traffic is not encrypted. You should provision secure private networks for use by vMotion only.
Provisioning traffic
Handles the data that is transferred for virtual machine cold migration, cloning, and snapshot creation.
IP storage traffic and discovery
Handles the connection for storage types that use standard TCP/IP networks and depend on the VMkernel networking. Such storage types are software iSCSI, depended
hardware iSCSI, and NFS. If you have two or more physical NICs for iSCSI, you can configure iSCSI multipathing.ESXi hosts support only NFS version 3 over TCP/IP. To
configure a software FCoE (Fibre Channel over Ethernet) adapter, you must have a dedicated VMkernel adapter. Software FCoE passes configuration information though
the Data Center Bridging Exchange (DCBX) protocol by using the Cisco Discovery Protocol (CDP )VMkernel module.
Fault Tolerance traffic
Handles the data that the primary fault tolerant virtual machine sends to the secondary fault tolerant virtual machine over the VMkernel networking layer. A separate
VMkernel adapter for Fault Tolerance logging is required on every host that is part of a vSphere HA cluster.
vSphere Replication traffic
Handles the outgoing replication data that the source ESXi host transfers to the vSphere Replication server. Dedicate a VMkernel adapter on the source site to isolate the
outgoing replication traffic.
vSphere Replication NFC traffic
Handles the incoming replication data on the target replication site.
Virtual SAN traffic
Every host that participates in a Virtual SAN cluster must have a VMkernel adapter to handle the Virtual SAN traffic.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-D4191320-209E-4CB5-A709-C8741E713348.html
QUESTION 50
What are two limitations of Link Aggregation Control Protocol (LACP) on a vSphere Distributed Switch? (Choose two.)
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
LACP Limitations on a vSphere Distributed Switch
Link Aggregation Control Protocol (LACP) on a vSphere distributed switch allows network devices to negotiate automatic bundling of links by sending LACP packets to a
peer. However, there are some limitations when using LACP with a vSphere distributed switch.
■ LACP only works with IP Hash load balancing and Link Status Network failover detection.
■ LACP is not compatible with iSCSI software multipathing.
■ vSphere only supports one LACP group per distributed switch, and only one LACP group per host.
■ LACP settings do not exist in host profiles.
■ LACP between two nested ESXi hosts is not possible.
■ LACP does not work with port mirroring.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-3FDE1E96-9217-4FE6-8B76-6E3A64766828.html
QUESTION 51
Which two features are deprecated in Network I/O Control 3 (NIOC3)? (Choose two.)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation : The upgrade of a NIOC to version 3 is disruptive. Certain functionality is available only in NIOC v2 and is removed during the upgrade to version 3:
User-defined network resource pools including all associations between them and existing distributed port groups
You can preserve certain resource allocation settings by transferring the shares from the user-defined network resource pools to shares for individual network
adapters.
Existing associations between ports and user-defined network resource pools
In Network I/O Control version 3, you cannot associate an individual distributed port to a network resource pool that is different from the pool assigned to the parent
port group.
CoS tagging of the traffic that is associated with a network resource pool
Network I/O Control version 3 does not support marking traffic that has higher QoS demands with CoS tags. After the upgrade, to restore CoS tagging of traffic that
was associated with a user-defined network resource pool, use the traffic filtering and marking networking policy.
Reference: http://www.virten.net/2015/09/vcp6-delta-part-7-network-enhancements/
QUESTION 52
An administrator runs the command esxcli storage core device list and sees the following output:
mpx.vmhba1:C0:T0:L0 Display Name: RAID 5 (mpx.vmhba1:C0:T0:L0) Has Settable Display Name: false SizE. 40960 Device Type: Direct-Access Multipath Plugin: NMP
Devfs Path: /vmfs/devices/disks/mpx.vmhba1:C0:T0:L0 Status: off Is Local: true
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation : Symptoms
Permanent Device Loss (PDL)
A datastore is shown as unavailable in the Storage view
A storage adapter indicates the Operational State of the device as Lost Communication
All paths to the device are marked as Dead
In the /var/log/vmkernel.log file, you see entries similar to:
cpu2:853571)VMW_SATP_ALUA: satp_alua_issueCommandOnPath:661: Path "vmhba3:C0:T0:L0" (PERM LOSS) command 0xa3 failed with status Device is
permanently unavailable. H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 0x25 0x0.
cpu2:853571)VMW_SATP_ALUA: satp_alua_issueCommandOnPath:661: Path "vmhba4:C0:T0:L0" (PERM LOSS) command 0xa3 failed with status Device is
permanently unavailable. H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 0x25 0x0.
cpu2:853571)WARNING: vmw_psp_rr: psp_rrSelectPathToActivate:972:Could not select path for device "naa.60a98000572d54724a34642d71325763".
cpu2:853571)WARNING: ScsiDevice: 1223: Device :naa.60a98000572d54724a34642d71325763 has been removed or is permanently inaccessible.
cpu3:2132)ScsiDeviceIO: 2288: Cmd(0x4124403c1fc0) 0x9e, CmdSN 0xec86 to dev "naa.60a98000572d54724a34642d71325763" failed H:0x8 D:0x0 P:0x0
cpu3:2132)WARNING: NMP: nmp_DeviceStartLoop:721:NMP Device "naa.60a98000572d54724a34642d71325763" is blocked. Not starting I/O from device.
cpu2:2127)ScsiDeviceIO: 2316: Cmd(0x4124403c1fc0) 0x25, CmdSN 0xecab to dev "naa.60a98000572d54724a34642d71325763" failed H:0x1 D:0x0 P:0x0 Possible
sense data: 0x5 0x25 0x0.
cpu2:854568)WARNING: ScsiDeviceIO: 7330: READ CAPACITY on device "naa.60a98000572d54724a34642d71325763" from Plugin "NMP" failed. I/O error
cpu2:854568)ScsiDevice: 1238: Permanently inaccessible device :naa.60a98000572d54724a34642d71325763 has no more open connections. It is now safe to unmount
datastores (if any) and delete the device.
cpu3:854577)WARNING: NMP: nmpDeviceAttemptFailover:562:Retry world restore device "naa.60a98000572d54724a34642d71325763" - no more commands to retry
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004684
QUESTION 53
What are two use cases for Fibre Channel Zoning in a vSphere environment? (Choose two.)
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation : Using Zoning with Fibre Channel SANs
Zoning provides access control in the SAN topology. Zoning defines which HBAs can connect to which targets. When you configure a SAN by using zoning, the devices
outside a zone are not visible to the devices inside the zone.
Zoning has the following effects:
Reduces the number of targets and LUNs presented to a host.
Controls and isolates paths in a fabric.
Can prevent non-ESXi systems from accessing a particular storage system, and from possibly destroying VMFS data.
Can be used to separate different environments, for example, a test from a production environment.
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-storage-guide.pdf
QUESTION 54
Which two considerations should an administrator keep in mind when booting from Software Fiber Channel over Ethernet (FCoE)? (Choose two.)
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation : Considerations
You cannot change software FCoE boot configuration from within ESX
Coredump is not supported on any software FCoE LUNs, including the boot LUN.
Multipathing is not supported at pre-boot.
Boot LUN cannot be shared with other hosts even on shared storage
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-storage-guide.pdf
QUESTION 55
An administrator notices that there is an all paths down (APD) event occurring for the software FCoE storage.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation : Configuration Guidelines for Software FCoE
When setting up your network environment to work with ESXi software FCoE, follow the guidelines and best practices that VMware offers.
Network Switch Guidelines
Follow these guidelines when you configure a network switch for software FCoE environment:
On the ports that communicate with your ESXi host, disable the Spanning Tree Protocol (STP). Having the STP enabled might delay the FCoE Initialization Protocol
(FIP) response at the switch and cause an all paths down (APD) condition. The FIP is a protocol that FCoE uses to discover and initialize FCoE entities on the
Ethernet.
Turn on Priority-based Flow Control (PFC) and set it to AUTO.
Make sure that you have a compatible firmware version on the FCoE switch.
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-storage-guide.pdf
QUESTION 56
Which two statements are true regarding iSCSI adapters? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation : Software iSCSI Adapter
A software iSCSI adapter is a VMware code built into the VMkernel. It allows your host to connect to the iSCSI storage device through standard network adapters. The
software iSCSI adapter handles iSCSI processing while communicating with the network adapter. With the software iSCSI adapter, you can use iSCSI technology without
purchasing specialized hardware.
Hardware iSCSI Adapter A hardware iSCSI adapter is a third-party adapter that offloads iSCSI and network processing from your host. Hardware iSCSI adapters are
divided into categories.
Dependent Hardware iSCSI Adapter
Depends on VMware networking, and iSCSI configuration and management interfaces provided by VMware. This type of adapter can be a card that presents a standard
network adapter and iSCSI offload functionality for the same port. The iSCSI offload functionality depends on the host's network configuration to obtain the IP, MAC, and
other parameters used for iSCSI sessions. An example of a dependent adapter is the iSCSI licensed Broadcom 5709 NIC.
Independent Hardware iSCSI Adapter
Implements its own networking and iSCSI configuration and management interfaces. An example of an independent hardware iSCSI adapter is a card that either presents
only iSCSI offload functionality or iSCSI offload functionality and standard NIC functionality. The iSCSI offload functionality has independent configuration management
that assigns the IP, MAC, and other parameters used for the iSCSI sessions. An example of a independent adapter is the QLogic QLA4052 adapter.
Hardware iSCSI adapters might need to be licensed. Otherwise, they will not appear in the client or vSphere CLI. Contact your vendor for licensing information
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-storage-guide.pdf
QUESTION 57
An administrator is configuring virtual machines to use Worldwide Port Names (WWPNs) to access the storage.
Which two conditions are required? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: N-Port ID Virtualization
N-Port ID Virtualization (NPIV) is an ANSI T11 standard that describes how a single Fibre Channel HBA port can register with the fabric using several worldwide port
names (WWPNs). This allows a fabric-attached N-port to claim multiple fabric addresses. Each address appears as a unique entity on the Fibre Channel fabric
How NPIV-Based LUN Access Works
NPIV enables a single FC HBA port to register several unique WWNs with the fabric, each of which can be assigned to an individual virtual machine.
SAN objects, such as switches, HBAs, storage devices, or virtual machines can be assigned World Wide Name (WWN) identifiers. WWNs uniquely identify such objects
in the Fibre Channel fabric. When virtual machines have WWN assignments, they use them for all RDM traffic, so the LUNs pointed to by any of the RDMs on the virtual
machine must not be masked against its WWNs. When virtual machines do not have WWN assignments, they access storage LUNs with the WWNs of their host’s
physical HBAs. By using NPIV, however, a SAN administrator can monitor and route storage access on a per virtual machine basis. The following section describes how
this works.
Reference: https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp#com.vmware.vsphere.config_fc.doc_40/esx_san_config/managing_san_systems/c_n-
port_id_virtualization.html
QUESTION 58
Which two statements are true regarding VMFS3 volumes in ESXi 6.x? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-storage-guide.pdf
QUESTION 59
Which three statements are correct regarding Fibre Channel over Ethernet (FCOE)? (Choose three.)
A. The network switch must have Priority-based Flow Control (PFC) set to AUTO.
B. The network switch must have Priority-based Flow Control (PFC) set to ON.
C. Each port on the FCoE card must reside on the same vSwitch.
D. Each port on the FCoE card must reside on a separate vSwitch.
E. The ESXi host will require a reboot after moving an FCoE card to a different vSwitch.
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-storage-guide.pdf
QUESTION 60
Which two statements are true regarding Virtual SAN Fault Domains? (Choose two.)
A. They enable Virtual SAN to tolerate the failure of an entire physical rack.
B. Virtual SAN ensures that no two replicas are provisioned on the same domain.
C. Virtual SAN ensures that all replicas are provisioned on the same domain.
D. They require VMware High Availability (HA) to ensure component distribution across domains.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation : Managing Fault Domains in Virtual SAN Clusters
If your Virtual SAN cluster spans across multiple racks or blade server chassis in a data center and you want to make sure that your hosts are protected against rack or
chassis failure, you can create fault domains and add one or more hosts to each fault domain.
A fault domain consists of one or more Virtual SAN hosts grouped together according to their physical location in the data center. When configured, fault domains enable
Virtual SAN to tolerate failures of entire physical racks as well as failures of a single host, capacity device, network link or a network switch dedicated to a fault domain.
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.virtualsan.doc%2FGUID-8491C4B0-6F94-4023-8C7A-FD7B40D0368D.html
QUESTION 61
An administrator created a six node Virtual SAN cluster, created a fault domain, and moved three of the six nodes into that domain.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Defines the number of host and device failures a virtual machine object can tolerate. For n failures tolerated, n+1 copies of the virtual machine object are created and 2*n
+1 hosts contributing storage are required. When provisioning a virtual machine, if you do not choose a storage policy, Virtual SAN assigns this policy as the default virtual
machine storage policy.
Default value is 1. Maximum value is 3. If fault domains are configured, 2n+1 fault domains with hosts
contributing capacity are required. A host, which is not part of any fault domain is considered as its own single host fault domain.
Default value is 1. Maximum value is 3.
NOTE If you do not want Virtual SAN to protect a single mirror copy of virtual machine objects, you can specify the Number of failures to tolerate=0. However, the host
might experience unusual delays when
entering maintenance mode. The delay occurs because Virtual SAN has to evacuate the object from the host for the maintenance operation to complete successfully.
Setting the Number of failures to tolerate=0 means that your data is unprotected, and you might lose data when the Virtual SAN cluster encounters a device failure.
NOTE When creating a new storage policy, if you do not specify any value for Number of failures to tolerate, by default, Virtual SAN creates a single mirror copy of the
virtual machine objects and tolerates only one failure. However, in the event of a multiple component failures your data might be at risk.
link: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/virtual-san-60-administration-guide.pdf
QUESTION 62
Where is a Virtual SAN Fault Domain configured?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Procedure
1 Navigate to the Virtual SAN cluster in the vSphere Web Client.
2 Click the Manage tab and click Settings.
3 Under Virtual SAN, click Fault Domains and Stretched Cluster.
4 Click the Create a new fault domain icon ( ).
5 Type the fault domain name.
6 From the Show drop-down menu, select Hosts not in fault domain to view the list of hosts that are not assigned to a fault domain or select Show All Hosts to view all
hosts in the cluster.
7 Select one or more hosts to add to the fault domain.
A fault domain cannot be empty. You must select at least one host to include in the fault domain.
8 Click OK.
The selected hosts appear in the fault domain
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.virtualsan.doc%2FGUID-C365ACE8-7485-4463-A12C-71D1917A4930.html
QUESTION 63
Which statement is true for the Path Selection Plug-In VMW_PSP_MRU?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
VMW_PSP_MRU
The host selects the path that it used most recently. When the path becomes unavailable, the host selects an alternative path. The host does not revert back to the
original path when that path becomes available again. There is no preferred path setting with the MRU policy. MRU is the default policy for most active-passive storage
devices.
Reference: https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc%2FGUID-B7AD0CA0-CBE2-4DB4-A22C-AD323226A257.html
QUESTION 64
Which two tasks does the Pluggable Storage Architecture (PSA) perform? (Choose two.)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
the PSA performs the following tasks:
■ Loads and unloads multipathing plug-ins.
■ Hides virtual machine specifics from a particular plug-in.
■ Routes I/O requests for a specific logical device to the MPP managing that device.
■ Handles I/O queueing to the logical devices.
■ Implements logical device bandwidth sharing between virtual machines.
■ Handles I/O queueing to the physical storage HBAs.
■ Handles physical path discovery and removal.
■ Provides logical device and physical path I/O statistics.
Reference: https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc%2FGUID-C1C4A725-8BE4-4875-919E-693812961366.html
QUESTION 65
Which two statements are true regarding Storage Multipathing Plug-Ins? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation : By default, the VMware NMP supports the following PSPs:
VMW_PSP_MRU
The host selects the path that it used most recently. When the path becomes unavailable, the host selects an alternative path. The host does not revert back to the
original path when that path becomes available again. There is no preferred path setting with the MRU policy. MRU is the default policy for most active-passive storage
devices.
Displayed in the vSphere Client as the Most Recently Used (VMware) path selection policy.
VMW_PSP_FIXED
The host uses the designated preferred path, if it has been configured. Otherwise, it selects the first working path discovered at system boot time. If you want the host to
use a particular preferred path, specify it manually. Fixed is the default policy for most active-active storage devices.
Note
If the host uses a default preferred path and the path's status turns to Dead, a new path is selected as preferred. However, if you explicitly designate the preferred
path, it will remain preferred even when it becomes inaccessible.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc%2FGUID-B7AD0CA0-CBE2-4DB4-A22C-AD323226A257.html
QUESTION 66
What is the command to list multipathing modules on an ESXi 6.x host?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere50/index.jsp?topic=%2Fcom.vmware.vcli.ref.doc_50%2Fesxcli_storage.html
QUESTION 67
Which two solutions require Physical Mode Raw Device Mapping (RDM)? (Choose two.)
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
Explanation: A-) Note: RDM is not available for direct-attached block devices or certain RAID devices. You cannot map a disk partition as RDM. RDMs require the mapped
device to be a whole LUN.(storage array device)
D-) Guest Clustering----- Physical mode is useful while running SAN management agents or other SCSI target-based software in the virtual machine.
Physical mode also allows virtual-to-physical clustering for cost-effective high availability.
Virtual Machine Snapshots are not available when the RDM is used in physical compatibility mode.
You can use this mode for Physical-to-virtual clustering and cluster-across-boxes.
VMFS5 supports greater than 2 TB disk size for RDMs in physical compatibility mode only. These restrictions apply:
You cannot relocate larger than 2 TB RDMs to datastores other than VMFS5.
You cannot convert larger than 2 TB RDMs to virtual disks, or perform other operations that involve RDM to virtual disk conversion. Such operations include cloning.
FAQ: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1037959
QUESTION 68
A device's vStorage API for Array Integration (VAAI) support status command line output shows:
naa.500253825002a865 VAAI Plugin Name: ATS Status: unsupported Clone Status: unsupported Zero Status: supported Delete Status: unsupported
What is the corresponding VAAI support status in the vSphere Web Client?
A. Unknown
B. Supported
C. Not supported
D. Unsupported
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation : If you go to Host > Configuration > Storage, you can see the Hardware Acceleration Status in the panel on the right side.
For each storage device and datastore, the vSphere Client displays the hardware acceleration support status in the Hardware Acceleration column of the Devices view
and the Datastores view.
The status values are Unknown, Supported, and Not Supported. The initial value is Unknown. The status changes to Supportedafter the host successfully performs the
offload basic operations. If the offload operation fails, the status changes to Not Supported.
To determine if your storage device supports VAAI, test the Full Copy VAAI primitive:
1. Using the vSphere Client, browse the datastore and locate a virtual disk (VMDK) of at least 4 MB that is not in use.
2. Copy the virtual disk to a new file.
3. Check the Hardware Acceleration status to verify that it changes from Unknown to either Supported or Not Supported.
Note: VAAI primitives can also be tested by creating a virtual machine with at least one new virtual disk, or cloning a virtual machine.
On ESXi 5.x
mpx.vmhba1:C0:T1:L0
VAAI Plugin Name:
ATS Status: unsupported
Clone Status: unsupported
Zero Status: unsupported
Delete Status: unsupported
mpx.vmhba1:C0:T0:L0
VAAI Plugin Name:
ATS Status: unsupported
Clone Status: unsupported
Zero Status: unsupported
Delete Status: unsupported
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1021976
QUESTION 69
Refer to the Exhibit.
What will be the result of selecting the highlighted device?
A. Datastore will grow up to 200.01GB using the remaining free space on the device.
B. Datastore will add 200.01GB by adding the device as a second extent.
C. The device size can be expanded to be larger than 200.01 GB in size.
D. The device is not suitable for this operation.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
When you need to create new virtual machines on a datastore, or when the virtual machines running on this datastore require more space, you can dynamically increase
the capacity of a VMFS datastore.(200 GB)
Use one of the following methods:
-Add a new extent. An extent is a partition on a storage device, or LUN. You can add up to 32 new extents of the same storage type to an existing VMFS datastore. The
spanned VMFS datastore can use any of all its extents at any time. It does not need to fill up a particular extent before using the next one.
-Grow an extent in an existing VMFS datastore, so that it fills the available adjacent capacity. Only extents with free space immediately after them are expandable.
https://kb.vmware.com/kb/1017662
QUESTION 70
An administrator observes that virtual machine storage activity on an ESXi 6.x host is negatively affecting virtual machine storage activity on another host that is accessing
the same VMFS Datastore.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Enable Storage I/O Control. When you enable Storage I/O Control, ESX/ESXi monitors datastore latency and adjusts the I/O load sent to it, if datastore average latency
exceeds the threshold. Select a datastore in the vSphere Client inventory and click the Configuration tab.
https://kb.vmware.com/kb/1022091
QUESTION 71
An administrator is having a problem configuring Storage I/O Control on a Datastore.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
A-) Storage I/O Control was introduced in vSphere 4.1, taking storage resource controls built into vSphere to a much broader level. In vSphere 5, Storage I/O Control has
been enhanced with support for NFS data stores and clusterwide I/O shares. Check vmware.com esxi versions enhancements, for further troubleshooting https://
kb.vmware.com/kb/1022091
B-)If hosts are not licensed at the appropriate level, the option to enable Storage I/O control is grayed out. Check: https://kb.vmware.com/kb/2021530
QUESTION 72
Which three are requirements for configuring Storage I/O Control (SIOC)? (Choose three.)
Explanation/Reference:
Explanation : Storage I/O Control Requirements Storage
I/O Control has several requirements and limitations.
Datastores that are Storage I/O Control-enabled must be managed by a single vCenter Server system.
Storage I/O Control is supported on Fibre Channel-connected and iSCSI-connected storage. NFS datastores and Raw Device Mapping (RDM) are not supported.
Storage I/O Control does not support datastores with multiple extents.
Before using Storage I/O Control on datastores that are backed by arrays with automated storage tiering capabilities, check the VMware Storage/SAN Compatibility
Guide to verify whether your automated tiered storage array has been certified to be compatible with Storage I/O Control.
Automated storage tiering is the ability of an array (or group of arrays) to migrate LUNs/volumes or parts of LUNs/volumes to different types of storage media (SSD, FC,
SAS, SATA) based on user-set policies and current I/O patterns. No special certification is required for arrays that do not have these automatic migration/tiering features,
including those that provide the ability to manually migrate data between different types of storage media.
Reference: http://www.vmware.com/pdf/vsphere4/r41/vsp_41_resource_mgmt.pdf
QUESTION 73
Refer to the Exhibit.
An administrator wishes to provide Load Balanced I/O for the device shown in the Exhibit.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: Round Robin (RR): The VMW_PSP_RR policy uses an automatic path selection, rotating through all available paths, enabling the distribution of load across
the configured paths.
For Active/Passive storage arrays, only the paths to the active controller will be used in the Round Robin policy.
For Active/Active storage arrays, all paths will be used in the Round Robin policy.
Note: For logical units associated with Microsoft Cluster Service (MSCS) and Microsoft Failover Clustering virtual machines, the Round Robin pathing policy is supported
only on ESXi 5.5 and later.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1011340
QUESTION 74
Refer to the Exhibit.
What is the expected effect on the stated device after running the command?
A. I/O will rotate on all storage targets regardless of port group state.
B. I/O will rotate on all storage targets that are Active Optimized state only.
C. I/O will rotate on all storage targets that are Active Unoptimized state only.
D. I/O will rotate on all storage targets that are on Available Nodes only.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vcli.ref.doc_50%2Fesxcli_storage.html
QUESTION 75
An administrator is upgrading an ESXi 5.5 host to ESXi 6.x and gets the following error:
MEMORY_SIZE
What does this indicate?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
A-) ESXi 6.0 requires the NX/XD bit to be enabled for the CPU in the BIOS.
ESXi requires a minimum of 4GB of physical RAM. It is recommended to provide at least 8 GB of RAM to run virtual machines in typical production environments.
To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must be enabled on x64 CPUs.
http://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-DEB8086A-306B-4239-BF76-E354679202FC.html
QUESTION 76
An administrator is upgrading an ESXi host from 5.5 to 6.0 and runs the following command:
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Install vCLI or deploy the vSphere Management Assistant (vMA) virtual machine. See Getting Started with vSphere Command-Line Interfaces. For troubleshooting ,
run esxcli commands in the ESXi Shell.
Procedure
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-F0FE86AB-70B1-4E7E-A209-E5C5E0A4E57A.html
QUESTION 77
An administrator is performing a silent automatic update of VMware Tools on a Windows virtual machine.
A. /s /v "/qn" /l "c:\Windows\filename.log"
B. --prefix=/usr/local,/usr/lib,/usr/doc --silent
C. --prefix=c:\Windows,c:\VMtools --silent
D. /fs /v "/qn+" /l "c:\Windows\filename.log"
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Procedure
The VMware Tools label on the Summary tab changes to OK.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-B3989445-72A9-4749-A996-CDDCD1FA634D.html
QUESTION 78
An administrator is writing a kickstart script to upgrade an ESXi 6.x host.
A. NFS
B. USB
C. HTTP
D. TFTP
E. PXE
Explanation/Reference:
Explanation: Scripted ESXi installation
Running a script is an efficient way to deploy multiple ESXi hosts with an unattended installation.
The installation script contains the configuration data for the ESXi hosts that you want to install. You can apply the script to all hosts that you want to have a similar
configuration.
Notes:
The script must be created using supported commands.
Ensure you consider all disks that are connected to the host at the time of installation to avoid inadvertently overwriting data. Disk names can vary from machine to
machine, one of the settings that you may want to configure and double check in a script is the disk selection for the ESXi installation.
The host installation script must be stored in a location that the host can access by FTP. HTTP, HTTPS, NFS, USB flash drive, or CD-ROM drive. The installation
media can be mounted on the host locally, remotely, or through PXE boot.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2109708#Script
QUESTION 79
Which file determines the location of the installation script during a scripted upgrade?
A. boot.cfg
B. ks.cfg
C. script.cfg
D. upgrade.cfg
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
About the boot.cfg File
The boot loader configuration file boot.cfg specifies the kernel, the kernel options, and the boot modules that the mboot.c32 boot loader uses in an ESXi installation.
The boot.cfg file is provided in the ESXi installer. You can modify the kernelopt line of the boot.cfg file to specify the location of an installation script or to pass other boot
options.
The boot.cfg file has the following syntax:
# boot.cfg -- mboot configuration file
#
# Any line preceded with '#' is a comment.
title=STRING
kernel=FILEPATH
kernelopt=STRING
modules=FILEPATH1 --- FILEPATH2... --- FILEPATHn
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-1DE4EC58-8665-4F14-9AB4-1C62297D866B.html
QUESTION 80
What three supported methods can be used to upgrade a host from ESXi 5.x to ESXi 6.x? (Choose three.)
Explanation/Reference:
Explanation: Upgrade Options for ESXi 6.0
VMware provides several ways to upgrade ESXi 5.x hosts to ESXi 6.0 hosts.
The details and level of support for an upgrade to ESXi 6.0 depend on the host to be upgraded and the upgrade method that you use. Verify support for the upgrade path
from your current version of ESXi to the version to which you are upgrading. See VMware Product Interoperability Matrixes at http://www.vmware.com/resources/
compatibility/sim/interop_matrix.php.
You can upgrade a ESXi 5.x host, asynchronously released driver or other third-party customizations, interactive upgrade from CD or DVD, scripted upgrade, or upgrade
with vSphere Update Manager. When you upgrade an ESXi 5.x host that has custom VIBs to version 6.0, the custom VIBs are migrated. See Upgrading Hosts That Have
Third-Party Custom VIBs.
Methods supported for direct upgrade to ESXi 6.0 are:
■ vSphere Update Manager.
■ Interactive upgrade from CD, DVD, or USB drive.
■ Scripted upgrade.
■ vSphere Auto Deploy. If the ESXi 5.x host was deployed by using vSphere Auto Deploy, you can use vSphere Auto Deployto reprovision the host with an ESXi 6.0 image.
■ The esxcli command.
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-FE668788-1F32-4CB2-845C-5547DD59EB48.html
QUESTION 81
Which two supported tools can be used to upgrade virtual machine hardware? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Upgrade Virtual Hardware
You can upgrade the hardware version of virtual machines to the latest version of ESXi. For virtual machines that are running on ESXi 5.x, VMware recommends that you
upgrade the virtual hardware to version 8.
Consider the following points:
■ When you upgrade from virtual hardware version 4 to version 8 the upgrade is reversible if you take a virtual machine backup or snapshot before performing the
upgrade.
■ Upgraded virtual machines cannot be powered on by an ESX 2.x host, even if relocated to a VMFS2 datastore.
■ To automate this process, consider using Update Manager for virtual machine upgrades. See the Installing and Administering VMware vSphere Update
Manager documentation. Update Manager takes automatic snapshots before performing virtual machine upgrades. See Perform an Orchestrated Upgrade of Virtual
Machines with vSphere Update Manager.
■ When you upgrade virtual hardware, no downtime is required for vCenter Server or ESX/ESXi hosts. For virtual machines, the only significant downtime is the time to
reboot the guest operating systems.
Reference: https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc_50%2FGUID-A45CBEE5-C4D2-484E-A699-
A5A577244DE0.html
QUESTION 82
What are three recommended prerequisites before upgrading virtual machine hardware? (Choose three.)
Explanation/Reference:
Explanation: Before you upgrade the virtual hardware:
1. Create a backup or snapshot of the virtual machine. For more information, see:
2. Upgrade VMware Tools. On Microsoft Windows virtual machines, if you upgrade the virtual hardware before you upgrade VMware Tools, the virtual machine might lose
its network settings.
3. Verify that all .vmdk files are available to the ESXi/ESX hosts on a VMFS 3, VMFS 5, or NFS datastore.
4. Verify that the virtual machines are stored on VMFS 3, VMFS 5 or NFS datastores.
5. Determine the version of the virtual hardware by selecting the virtual machine from the vSphere Client or vSphere Web Client and clicking the Summary tab. The VM
Version label in the Compatibility field displays the virtual hardware version
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1010675
QUESTION 83
An administrator wants to upgrade to vCenter Server 6.x.
Why does the vCenter Server not meet the minimum requirements?
A. Windows Server 2008 R2 is not a supported Operating System for vCenter Server.
B. The virtual machine has insufficient resources for the environment size.
C. The environment is too large to be managed by a single vCenter Server.
D. The Platform Services Controller must be changed to an External deployment.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
vCenter Server for Windows Hardware Requirements
When you install vCenter Server on a virtual machine or physical server running Microsoft Windows server , your system must meet specific hardware requirements.
https://kb.vmware.com/kb/2107948
VMware vCenter Server 6.0 Deployment Guide - White Paper ...
https://www.vmware.com/files/pdf/.../vmware-vcenter-server6-deployment-guide.pdf
QUESTION 84
An administrator has upgraded a Distributed vCenter Server environment from 5.5 to 6.0.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-4BFB12D8-9FCA-4AB1-A44F-2986966F0AD5.html
QUESTION 85
When upgrading vCenter Server, an administrator notices that the upgrade fails at the vCenter Single Sign-On installation.
A. Verify that the VMware Directory service can stop by manually restarting it.
B. Verify that the vCenter Single Sign-On service can stop by manually restarting it.
C. Uninstall vCenter Single Sign-On service.
D. Uninstall the VMware Directory service.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Prerequisites
■ Your current vCenter Single Sign-On must have been installed on a separate virtual machine (VM) or physical server from yourvCenter Server instance.
■ Verify your configuration meets the upgrade requirements, seevCenter Server for Windows Requirements.
■ Complete the preparation to upgrade tasks. See Before Upgrading vCenter Server
■ Verify that you have made a backup of your vCenter Serverconfiguration and database.
■ To verify that the VMware Directory Service is in a stable state and can stop, manually restart it. The VMware Directory service must stopped for the vCenter
Server upgrade software to uninstall vCenter Single Sign-On during the upgrade process.
■ Download the vCenter Server Installer. See Download the vCenter Server for Windows Installer
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-A94C1617-5F15-402A-B462-1AC6A041C73E.html
QUESTION 86
During a vCenter Server upgrade, an ESXi 6.x host in a High Availability (HA) cluster fails.
A. HA will fail the virtual machines over to an available host during the vCenter Server upgrade process.
B. HA is unavailable during the vCenter Server upgrade process.
C. HA will fail the virtual machines over to an available host after the vCenter Server upgrade completes.
D. HA will successfully vMotion the virtual machines during the host failure.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
During a vCenter Upgrade the VMware HA Agent on all of the ESXi hosts will be updated. ... it's very likely that the HA agent will fail to initialize the first time when the host
restarts.
During a vCenter Upgrade the VMware HA Agent on all of the ESXi hosts will be updated. After this happens the “require reboot” flag is set on the hosts, as explained in
VMware KB 2034945.
QUESTION 87
An administrator is upgrading a vCenter Server Appliance and wants to ensure that all the prerequisites are met.
What action must be taken before upgrading the vCenter Server Appliance?
Explanation/Reference:
Explanation:
Prerequisites
■ Verify that the clocks of all machines on the vSphere network are synchronized. See Synchronizing Clocks on the vSphere Network.
■ Verify that the target ESXi host on which you deploy the vCenter Server Appliance is not in lockdown or maintenance mode.
■ Verify that you have sufficient free disk space on the vCenter Server Appliance that you want to upgrade to accommodate the data for the upgrade.
■ Verify that port 22 is open on the vCenter Server Appliance that you want to upgrade. The upgrade process establishes an inbound SSH connection to download the
exported data from existing appliance.
■ Verify that port 443 is open on the source ESXi host on which the vCenter Server Appliance that you want to upgrade resides. The upgrade process establishes an
HTTPS connection to the source ESXi host to verify that the vCenter Server Appliance is ready for upgrade and to set up an SSH connection between the new and the
existing appliance.
■ Verify that the vCenter Server SSL certificate for your existing vCenter Server Appliance is configured correctly. See VMware Knowledge Base article 2057223.
■ If you use an external database, back up the vCenter Server Appliance database.
■ Create a snapshot of the vCenter Server Appliance that you want to upgrade.
■ Install the new version of the Client Integration Plug-In. SeeInstall the Client Integration Plug-In.
Reference: https://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-6A5C596D-103E-4024-9353-5569263EB427.html
QUESTION 88
An administrator is upgrading vCenter Server and sees this error:
The DB User entered does not have the required permissions needed to install and configure vCenter Server with the selected DB. Please correct the following error(s): %
s
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Cause
This issue occurs when the vCenter Server instance being upgraded is connected to a SQL server which was upgraded and the vCenter Server database compatibility
level is not changed to match the SQL server version.
Resolution
To resolve this issue, change the database compatibility level to match the SQL Servers level.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2006904
QUESTION 89
Which two vCenter Server services are migrated automatically as part of an upgrade from a Distributed vCenter Server running 5.x? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation: vCenter Server 5.x for Windows services that are migrated to become part of the vCenter Server group of services during the upgrade process include:
■ Inventory Services
■ vSphere Web Client
■ vSphere Auto Deploy
■ vSphere Syslog Collector
■ vSphere ESXi Dump Collector
vCenter Server and vCenter Single Sign-On are the only services that are not migrated. vCenter Single Sign-On instances are upgraded in place to become part of an
external Platform Services Controller if they are deployed on a system other than the system where the vCenter Server resides.
Reference:
https://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-4BFB12D8-9FCA-4AB1-A44F-2986966F0AD5.html
QUESTION 90
What command line utility can be used to upgrade an ESXi host?
A. esxcli
B. esxupdate
C. vihostupdate
D. esxcfg
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: ESXi Command-line interface - esxcli
Using the vSphere Command Line Interface (CLI), you can upgrade ESXi 5.x hosts to version 6.0.
For more information about upgrading ESXi 5.x hosts using esxcli commands, see the Upgrading Hosts by Using esxcli Commands
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2109711
QUESTION 91
Which log file would you examine to identify an issue which occurred during the pre-upgrade phase of a vCenter Server upgrade process?
A. vcdb_req.out
B. vcdb_export.out
C. vcdb_import.out
D. vcdb_inplace.out
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Example: Database Upgrade Locations
■ For pre-upgrade checks, review the%TEMP%\..\vcsUpgrade\vcdb_req.out file.
The vcdb_req.err file tracks any errors that were identified during the pre-upgrade phase.
Reference:
https://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-5EAC8B84-0A95-41EC-AAF4-6CBBB3A5152A.html
QUESTION 92
Which three statements are true when restoring a Resource Pool Tree? (Choose three.)
Explanation/Reference:
Explanation:
QUESTION 93
An administrator has created a resource pool named Marketing HTTP with a Memory Limit of 24 GB and a CPU Limit of 10,000 MHz.
What would happen if all three virtual machines are powered on?
A. All three virtual machines can power on, but will have memory contention.
B. All three virtual machines can power on without memory contention.
C. Only two of the three virtual machines can power on.
D. Only one of the virtual machines can power on.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Applying a limit on a vCPU and memory will slow your VM down no matter what because of distribution of resources. Even if there are no other VMs running on that 4
socket quad core host. Powering on all the virtual machine will enables 100% resources to be used by VM hence, only few required VM’s will powered “On” which requires
the maximum utilization from the available resources.
Example: When a single(or two) VM has a limit of 5000MHz and 16GB, 6 GB Memory = 22gb utilization will be high and is the only VM running on a host than it will run it
full speed as it will be constantly rescheduled for 5000MHz and maximum memory(22-24 GB)
Check: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032906
Or Resource Pool Metrics: https://pubs.vmware.com/.../GUID-6F436275-169F-4DE5-B393-3B771623C0F8.htm .
QUESTION 94
Refer to the Exhibit.
An administrator has configured a vSphere 6.x DRS cluster as shown in the Exhibit.
A. A virtual machine can be powered on in the Test Resource Pool with a 6 GB Memory Reservation.
B. A virtual machine can be powered on in the Dev Resource Pool with a 8 GB Memory Reservation.
C. A virtual machine from both the Test Resource Pool and the Dev Resource Pool can be powered on with a 4 GB Memory Reservation.
D. No more virtual machines can be powered on due to insufficient resources.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
A virtual machine can be powered on in the Test Resource Pool with a 6 GB Memory Reservation because: Total is 8GB
1Gb used by test resource pool VM which is powered on and 2gb by Test dev pool VM powered on hence distribution is less and expandable memory quota is more/left.
And,
Resource Pool
Resource pools per host 1600
Children per resource pool 1100
Resource pool tree depth 8
Additional 4 resource pools are used by system internals.
Resource pools per cluster 1600
QUESTION 95
Refer to the Exhibit.
-- Exhibit --
A. Under CPU contention, Prod-VM1 receives four times the CPU resources than Test-VM1.
B. The Prod-VM1 will always have more CPU resources than all other virtual machines.
C. The Test-VM2 will always have less CPU resources than all other virtual machines.
D. Under CPU contention, Test-VM1 will receive 25% of the total CPU resources.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
To understand limits and theory check the information given below:
CPU is calculated like this: [Cluster CPU Cores] * [ 2,000 for High, 1,000 for Normal, 500 for Low ]
For an example, Our DRS cluster has 100 CPU cores (see the blue section) and thus the math is: 100 * 2,000 = 200,000 for High and 100 * 500 = 50,000 for Low.
That’s why PROD-VM1 : CPU shares High.
https://www.vmware.com/files/pdf/drs_performance_best_practices_wp.pdf
QUESTION 96
VMware vSphere Replication protects virtual machines from partial or complete site failures by replicating the virtual machines between which three sites? (Choose three.)
Explanation/Reference:
Explanation: Overview of VMware vSphere Replication
VMware vSphere Replication is an extension to VMware vCenter Server that provides hypervisor-based virtual machine replication and recovery.
vSphere Replication is an alternative to storage-based replication. It protects virtual machines from partial or complete site failures by replicating the virtual machines
between the following sites:
■ From a source site to a target site
■ Within a single site from one cluster to another
■ From multiple source sites to a shared remote target site
Reference:
https://pubs.vmware.com/vsphere55/index.jsp?topic=%2Fcom.vmware.vsphere.replication_admin.doc%2FGUID-C987AD18-7C2D-4FA6-B6E4-6B0DDA915A7A.html
QUESTION 97
Which two capabilities does the vSphere Replication Client Plug-in provide? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
vSphere Replication Client Plug-In
The vSphere Replication appliance adds a plug-in to the vSphere Web Client.
You use the vSphere Replication client plug-in to perform all vSphere Replication actions.
■ Configure connections between vSphere Replication sites.
■ View all vCenter Server instances that are registered with the same SSO and status of each vSphere Replication extension.
■ Deploy and register additional vSphere Replication servers.
■ Configure the replication of individual or multiple virtual machines.
■ View incoming and outgoing replications.
■ Monitor and manage the status of the replications.
■ Recover virtual machines.
Reference:
https://pubs.vmware.com/vsphere55/index.jsp?topic=%2Fcom.vmware.vsphere.replication_admin.doc%2FGUID-DEFB63AE-C60C-4606-9F1C-E1B270CA408A.html
QUESTION 98
A vSphere Replication user needs to connect a source site to a target site.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere51/index.jsp?topic=%2Fcom.vmware.vsphere.replication_admin.doc%2FGUID-A73BC0B8-CA53-4E0E-91F6-17451BB4CAE8.html
QUESTION 99
Which three parameters should be considered when calculating the bandwidth for vSphere Replication? (Choose three.)
Explanation/Reference:
Explanation: The amount of network bandwidth that vSphere Replication requires to replicate virtual machines efficiently depends on several factors in your environment.
Network-based storage
Size of dataset
Data change rate
Recovery point objective (RPO)
Link speed
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2037268
QUESTION 100
When importing an existing SSL certificate into vSphere Replication Server, which file format is required?
A. PKCS#12
B. DER
C. PEM
D. PKCS#7
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Converting the signed certificate to PKCS#12 format
After you receive the certificate (ending in .cer or .crt) from your certificate authority. It must be converted to the PKCS#12 format. To convert it requires key files you
generated while generating the certificate request and the signed certificate:
1. Copy the signed certificate file to the server where you generated the certificate signing request.
2. Use OpenSSL to generate the PKCS#12 certificate:
openssl pkcs12 -export -in protected.cer -inkey protected.key -name "vrprot" -passout pass:replication55 -out protected.p12
openssl pkcs12 -export -in recovery.cer -inkey recovery.key -name "vrdr" -passout pass:replication55 -out recovery.p12
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2080395
QUESTION 101
Which keystore would a vSphere Replication administrator use to manually add an additional Certificate Authority certificate?
A. hms-truststore.jks
B. hms-keystore.jks
C. certificates.ks
D. cacerts.ks
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
vSphere Replication can verify remote server certificates either by verifying the validity of the certificate and the thumbprint or by verifying the thumbprint only. By default,
vSphere Replication verifies the thumbprint only. If you select the Accept only SSL certificates signed by a trusted Certificate Authority option in the VAMI, this causes
vSphere Replication to verify the validity of the certificate as well as the thumbprint. This means that the certificate authority that issued the certificates for vSphere
Replication and vCenter Server must be trusted by vSphere Replication. By default, vSphere replication trusts all certificate authorities that the Java Virtual Machine trusts.
You can import additional trusted CA certificates in /opt/vmware/hms/security/hmstruststore.Jks on the vSphere Replication appliance. To import these certificates,
perform these steps:
1. Locate the root certificate authority certificate that was used when generating the vCenter server certificates (usually Root64.cer). If you use a Microsoft certificate
authority, this can be re-generated by performing the mentioned in Creating certificate requests and certificates for vCenter Server 5.1 components (2037432) .
Otherwise, you may be able to export the root certificate using the MMC on a Windows system.
2. Copy the certificate to your replication appliance.
For example, /home directory. A utility such as WinSCP can be used for this.
3. Run this command to import the certificate into the HMS truststore:
/usr/java/default/bin/keytool -import -trustcacerts -alias root -file /home/Root64.cer -keystore /opt/vmware/hms/security/hms-truststore.jks -storepass vmware
4. Type yes at the prompt and press enter to complete the certificate import process:
5. You see the this text which confirms the import was successful:
6. Use this command to verify the certificate is now present in the HMS truststore:
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2080395
QUESTION 102
What is the maximum number of snapshot instances in vSphere Replication that can be configured to recover a virtual machine at a specific point in time?
A. 16
B. 24
C. 48
D. 72
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: When you configure replication of a virtual machine, you can enable multiple point in time (PIT) instances in the recovery settings in the Configure Replication
wizard. vSphere Replication retains a number of snapshot instances of the virtual machine on the target site based on the retention policy that you specify.vSphere
Replication supports maximum of 24 snapshot instances. After you recover a virtual machine, you can revert it to a specific snapshot.
Reference: https://pubs.vmware.com/srm-55/index.jsp?topic=%2Fcom.vmware.srm.admin.doc%2FGUID-F3C8A2E9-183E-4DFF-A7D1-43CAEE584149.html
QUESTION 103
What is the compression algorithm used by vSphere Replication to compress data at the source?
A. FastLZ
B. Lz4
C. Lzr
D. Lzx
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: vSphere Replication 6.0 utilizes the FastLZ compression library. This provides a nice balance of speed, minimal CPU overhead, and compression efficiency.
When using vSphere 6.0 and vSphere Replication 6.0 at both the source and target locations, updates are compressed at the source and stay compressed until they are
written to storage at the target. In cases where there is a mixed configuration, packets may be decompressed at some point in the replication path. For example, if a
vSphere 6.0 host is connecting to a vSphere Replication 5.8 virtual appliance, packets will not be compressed over the network. Another example: vSphere 6.0 replicating
to a vSphere Replication 6.0 virtual appliance, which is writing to vSphere 5.5 host storage – packets are compressed from the source to the vSphere Replication 6.0
virtual appliance, but are decompressed in the appliance before being written to the vSphere 5.5 storage at the target. Performing this decompression in the vSphere
Replication virtual appliance will cause higher vCPU utilization in the appliance. As you can imagine, the most benefit from compression will be realized when running
vSphere 6.0 and vSphere Replication 6.0 at both the source and target locations.
Reference: https://blogs.vmware.com/vsphere/2015/03/vr-60-compression.html
QUESTION 104
Refer to the Exhibit.
A vSphere 6.x environment is configured with VMware Virtual Volumes (VVOLs). An administrator accesses the cluster Actions menu, as shown in the Exhibit.
A. Storage
B. Deploy OVF Template
C. New vApp
D. Settings
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Virtual Volumes is an integration and management framework for external storage that provides finer control at the VM-level, streamlines storage operation
and offers flexibility of choice.
Virtual Volumes implements the core tenets of the VMware SDS vision to enable a fundamentally more efficient operational model for storage in virtualized environments,
centering it around the VM rather than on the physical infrastructure. - See more at: http://www.vmware.com/in/products/vsphere/features/virtual-
volumes#sthash.tx9IZaOq.dpuf
QUESTION 105
Refer to the Exhibit.
Explanation/Reference:
Explanation: The datastore size selected is 100GB. On competition of this step, 100 GB VMFS datastore will be created.
QUESTION 106
Refer to the Exhibit.
An administrator is attempting to enable Enhanced vMotion Compatibility (EVC), but receives the error shown in the Exhibit.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation: To resolve the issue, you must enable both No-Execute Memory Protection and Virtualization Technology features in order for EVC to function. Consult
the documentation for your hardware for more information.
Notes:
Hardware Virtualization is called Intel VT on Intel processors and AMD-V on AMD processors.
Execute Protection is called Intel eXecute Disable (XD) on Intel processors and AMD No eXecute (NX) on AMD processors.
QUESTION 107
Refer to the Exhibit.
Refer to the Exhibit. The list of devices attached to vmhba1 will be the basis for configuring a VMware Virtual SAN using Manual Mode.
Based on the exhibit, which two combinations of devices should be used to create Disk Group(s)? (Choose two.)
A. One Disk Group with one Flash Drive and three HDDs
B. Two Disk Groups with one Flash Drive and two HDDs each
C. One Disk Group with one Flash Drive and four HDDs
D. Two Disk Groups with two Flash Drives and four HDDs each
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
On each ESXi host that contributes its local disks to a Virtual SAN cluster, disks are organized into disk groups. A disk group is a main unit of storage on a host. Each disk
group includes one SSD and one or multiple HDDs (magnetic disks).
Virtual SAN uses an aggregation of disk groups to back up a single datastore that is created when you enable Virtual SAN.
In the disk group, the SSD primarily serves as a read cache write buffer, while the HDDs are used for permanent storage. Typically, a higher SSD to HDD ratio, both in
size and quantity, improves performance.
Depending on the mode you select when enabling Virtual SAN on a cluster, you can use different ways to organize disks into groups.
Automatic Mode
Virtual SAN claims all available and usable disks and organizes them into default groups with one SSD and one or multiple HDDs. If you add more disks to hosts or add
new hosts to the Virtual SAN cluster, all applicable disks are claimed by Virtual SAN. Virtual SAN in automatic mode claims only local disks on the ESXi hosts in the
cluster. You can add any remote nonshared disks manually.
Manual Mode
You must specify hosts and disks on the hosts to be used for the Virtual SAN datastore. You have two methods of organizing disks into disk groups, semi-automatic and
manual.
When you use the semi-automatic method, Virtual SAN organizes the disks that you specify into default disk groups.
Another option is to manually create user-defined disk groups and select disks for each group. When you create a disk group manually, your main consideration should be
the ratio of SSD to Raw HDD capacity. Although the ratios depend on use cases and workloads, the best practice is to use SSD capacity of at least 10 percent of the total
consumed HDD capacity in each disk group, without counting the protection copies. For example, if the size of your Raw HDD capacity on the disk group is 4TB, the
recommended SSD capacity is 400GB.
QUESTION 108
An administrator is unable to start the vCenter Server service. The vpxd.log file shows this service failure:
[13308 error 'Default' opID=622892-371bf717] CoreDump: Unable to write minidump [13308 error 'Default' opID=622892-371bf717] error -2147024784 : There is not
enough space on the disk.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Symptoms
Cannot start VMware VirtualCenter Server service
In the vpxd.log file located at C:\ProgramData\VMware\VMware VirtualCenter\Logs\, you see backtraces similar to:
[VpxdClientAdapter] Got vmacore exception: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue
was full
<YYYY-MM-DD><TIME> [18244 error 'vpxdvpxdVmomi' opID=HB-host-6161@193472-2b600f1f] [VpxdClientAdapter] Backtrace:
--> backtrace[00] rip 000000018018cd7a
--> backtrace[01] rip 0000000180106c48
--> backtrace[02] rip 000000018010803e
--> backtrace[03] rip 000000018009
<YYYY-MM-DD><TIME> [09356 verbose 'VpxProfiler' opID=HB-host-8535@1072225-79714cc6] [1-] [ORM] Update: vim.vm.ConfigInfo, Id: 12892 (took 0 ms)
<YYYY-MM-DD><TIME> [12016 error 'vpxdvpxdVmomi' opID=HB-host-154@86503-2d0e7772] [VpxdClientAdapter] Got vmacore exception: An operation on a socket
could not be performed because the system lacked sufficient buffer space or because a queue was full
<YYYY-MM-DD><TIME> [12016 error 'vpxdvpxdVmomi' opID=HB-host-154@86503-2d0e7772] [VpxdClientAdapter] Backtrace:
--> backtrace[00] rip 000000018018cd7a
Cause
This issue occurs because vCenter Server does not have sufficient hard disk space to be allocated for the buffer.
Reference: https://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2083927
QUESTION 109
After deploying a vSphere Platform Services Controller (PSC), an administrator is unable to install vCenter Server. The error displayed is:
Could not contact Lookup Service. Please check VM_ssoreg.log.
Which two actions can be taken to correct this problem? (Choose two.)
A. Verify that the clocks on the host machines running the PSC, vCenter Server, and the vSphere Web Client are synchronized.
B. Configure a valid Identity Source for the Platform Services Controller in the vSphere Web Client.
C. Ensure that there is no firewall blocking port 7444 between the PSC and vCenter Server.
D. Uninstall and reinstall the Platform Services Controller software.
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-B8D60389-AF95-4368-8AB2-D282CBE0C4A9.html
QUESTION 110
Which condition would cause a vCenter Server installation to fail when installing on a Windows virtual machine?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: The vCenter Server installation or uninstallation process might fail or stop responding on Windows Server 2008 R1 SP2
The Windows Installer on Windows Server 2008 R1 SP2 has issues with handling multiple packages. Because of these issues the vCenter Server installation might stop
responding, or if you attempt to install and uninstall vCenter Server a few times, the process might fail.
Workaround: Apply the patch from Microsoft KB 981669 which addresses the Windows Installer issue.
Reference: https://www.vmware.com/support/vsphere6/doc/vsphere-esxi-vcenter-server-60-release-notes.html#compatibility
QUESTION 111
Which three ports are used by the vSphere Web Client when connecting directly to an ESXi 6.x host? (Choose three.)
A. 443 TCP
B. 902 TCP and UDP
C. 903 TCP
D. 5480 TCP
E. 9443 TCP and UDP
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-installation-setup-guide.pdf
QUESTION 112
When attempting to connect to a vCenter Server, an administrator observes the following at the top of the vSphere Web Client:
What three reasons could be preventing the vSphere Web Client from communicating with this vCenter Server? (Choose three.)
During the re-installation of vCenter Server, it is possible to have the same vCenter Server registered more than once to Single Sign-On (SSO).
With a previous install of vCenter Server, SSL certificates are not overwritten or removed properly during an upgrade or re-installation.
Note: If there are previous issues with the certificates, they may not be exposed until the installation and use of the 5.1 Web Client.
Before proceeding with the steps in the Resolution section, ensure that you are not experiencing the issue identified in vSphere Web Client 5.1 reports this SSL warning
after an installation or upgrade: Failed to verify the SSL certificate for one or more vCenter Server Systems (2036505) .
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2050273
QUESTION 113
An administrator wants to allow users to login to the vSphere Web Client using the Use Windows session authentication check box for faster authentication.
Which three requirements must be met for this feature to be available and functional? (Choose three.)
A. Install the vSphere Web Client Integration browser plug-in on the vCenter Server and Platform Services Controller machines.
B. Install the vSphere Web Client Integration browser plug-in on each workstation from where a user will sign in.
C. The users must be signed into Windows using Active Directory user accounts.
D. The administrator must create a valid Identity Source in Single Sign-On for the users domain.
E. The administrator must create a valid Single Sign-On Identity Source using Integrated Windows Authentication.
Explanation/Reference:
Explanation: Procedure
1 Navigate to the vSphere Web Client login page.
2 If the Use Windows session authentication check box is not available,
click Download the Client Integration Plug-in at the bottom of the login page.
3 If the browser blocks the installation by issuing certificate errors or by running a pop-up blocker,
follow the Help instructions for your browser to resolve the problem.
4 Close other browsers if you are prompted to do so.
After installation, the plug-in is available for all browsers.
5 Exit and restart your browser.
After the restart, you can select the Use Windows session authentication check box.
Reference: https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-C7BF3BD5-76E6-406F-8CF1-309D31F1DEBA.html
QUESTION 114
An administrator is unable to see performance statistics for only the Past Week performance data. The vCenter Server is using a Microsoft SQL Server Database.
What are three likely causes contributing to this issue? (Choose three.)
A. Performance statistics are turned off.
B. The Past Day rollup job is not present.
C. The stats_rollup_1_proc is not present.
D. The VMware Performance Charts Service is stopped.
E. The JDBC URL is incorrect in the vcdb.properties file.
Explanation/Reference:
Explanation: Please refer to this link to troubleshoot this issue: https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1004382
QUESTION 115
An ESXi 6.x host in the vCenter Server inventory has disconnected due to an All Paths Down (APD) situation. An administrator has corrected the APD issue on the host,
but it still remains disconnected.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: All-Paths-Down (APD)
A datastore is shown as unavailable in the Storage view
A storage adapter indicates the Operational State of the device as Dead or Error
All paths to the device are marked as Dead
You are unable to connect directly to the ESXi host using the vSphere Client
The ESXi host shows as Disconnected in vCenter Server
In the /var/log/vmkernel.log file, you see entries similar to:
cpu1:2049)WARNING: NMP: nmp_IssueCommandToDevice:2954:I/O could not be issued to device "naa.60a98000572d54724a34642d71325763" due to Not found
cpu1:2049)WARNING: NMP: nmp_DeviceRetryCommand:133:Device "naa.60a98000572d54724a34642d71325763": awaiting fast path state update for failover with I/
O blocked. No prior reservation exists on the device.
cpu1:2049)WARNING: NMP: nmp_DeviceStartLoop:721:NMP Device "naa.60a98000572d54724a34642d71325763" is blocked. Not starting I/O from device.
cpu1:2642)WARNING: NMP: nmpDeviceAttemptFailover:599:Retry world failover device "naa.60a98000572d54724a34642d71325763" - issuing command
0x4124007ba7c0
cpu1:2642)WARNING: NMP: nmpDeviceAttemptFailover:658:Retry world failover device "naa.60a98000572d54724a34642d71325763" - failed to issue command due
to Not found (APD), try again...
cpu1:2642)WARNING: NMP: nmpDeviceAttemptFailover:708:Logical device "naa.60a98000572d54724a34642d71325763": awaiting fast path state update...
cpu0:2642)WARNING: NMP: nmpDeviceAttemptFailover:599:Retry world failover device "naa.60a98000572d54724a34642d71325763" - issuing command
0x4124007ba7c0
cpu0:2642)WARNING: NMP: nmpDeviceAttemptFailover:658:Retry world failover device "naa.60a98000572d54724a34642d71325763" - failed to issue command due
to Not found (APD), try again...
cpu0:2642)WARNING: NMP: nmpDeviceAttemptFailover:708:Logical device "naa.60a98000572d54724a34642d71325763": awaiting fast path state update...
Not all VMFS volumes were updated; the error encountered was 'No connection'.
Errors:
Rescan complete, however some dead paths were not removed because they were in use by the system. Please use the 'storage core device world list' command to
see the VMkernel worlds still using these paths.
Error while scanning interfaces, unable to continue. Error was Not all VMFS volumes were updated; the error encountered was 'No connection'.
cpu17:10107)WARNING: Vol3: 1717: Failed to refresh FS 4beb089b-68037158-2ecc-00215eda1af6 descriptor: Device is permanently unavailable
cpu17:10107)ScsiDeviceIO: 2316: Cmd(0x412442939bc0) 0x28, CmdSN 0x367bb6 from world 10107 to dev "eui.00173800084f0005" failed H:0x1 D:0x0 P:0x0
Possible sense data: 0x0 0x0 0x0.
cpu17:10107)Vol3: 1767: Error refreshing PB resMeta: Device is permanently unavailable
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004684
QUESTION 116
An administrator notices that the time on an ESXi 6.x host is incorrect.
Which two actions should the administrator take to correct this issue? (Choose two.)
A. Modify the time for the host using the vSphere client.
B. Correct the NTP settings in the /etc/ntp.conf file.
C. Configure NTP from the Direct Console User Interface.
D. Use the vicfg-ntp command from the vSphere Management Appliance.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Resolution
To configure NTP on ESX/ESXi 4.1 and ESXi 5.x hosts using the vSphere Client:
1. Connect to the ESX/ESXi host using the vSphere Client.
2. Select a host in the inventory.
3. Click the Configuration tab.
4. Click Time Configuration.
5. Click Properties.
6. Click Options.
7. Click NTP Settings.
8. Click Add.
9. Enter the NTP Server name. For example, pool.ntp.org.
Note: When entering the multiple NTP Server names, use a comma (,) followed by a space ( ) between the entries.
10. Click OK.
11. Click the General tab.
12. Click Start automatically under Startup Policy.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2012069
QUESTION 117
Which command shows the Physical Uplink status for a vmnic?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference: https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vcli.ref.doc_50%2Fesxcli_network.html
QUESTION 118
An administrator decides to change the root password for an ESXi 6.x host to comply with the company's security policies.
What are two ways that this can be accomplished? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Limit ESXi Access
By default, the ESXi Shell and SSH services are not running and only the root user can log in to the Direct Console User Interface (DCUI). If you decide to enable ESXi or
SSH access, you can set timeouts to limit the risk of unauthorized access.
ESXi enforces password requirements for direct access from the Direct Console User Interface, the ESXi Shell, SSH, or the vSphere Client.
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-security-guide.pdf
QUESTION 119
An administrator connects to an ESXi 6.x host console in order to shutdown the host.
Which option in the Direct Console User Interface would perform this task?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: ESXi 4.x/5.x/6.0
1. From the Direct Console User Interface (DCUI) screen, press F12 to view the shutdown-related options for the ESXi host.
Press F2 to shut down.
Press F11 to reboot.
2. From Local or Remote Tech Support Mode, or from an SSH session, run one of these commands:
Run the reboot command to restart the host.
Run the poweroff command to shut down the host.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1013193
QUESTION 120
An administrator is able to manage an ESXi 6.x host connected to vCenter Server using the vSphere Web Client but is unable to connect to the host directly.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: ESXi 6.0:
Starting with vSphere 6.0, you can select normal Lockdown mode or strict Lockdown mode, which offer different degrees of lockdown.
In normal lockdown mode the DCUI service is not stopped. If the connection to the vCenter Server is lost and access through the vSphere Web Client is no longer
available, privileged accounts can log in to the ESXi host's Direct Console Interface and exit lockdown mode. Only these accounts can access the Direct Console User
Interface:
Accounts in the Exception User list for lockdown mode who have administrative privileges on the host. The Exception Users list is meant for service accounts that
perform very specific tasks. Adding ESXi administrators to this list defeats the purpose of lockdown mode.
Users defined in the DCUI.Access advanced option for the host. This option is for emergency access to the Direct Console Interface in case the connection to vCenter
Server is lost. These users do not require administrative privileges on the host.
In strict lockdown mode the DCUI service is stopped. If the connection to vCenter Server is lost and the vSphere Web Client is no longer available, the ESXi host becomes
unavailable unless the ESXi Shell and SSH services are enabled and Exception Users are defined. If you cannot restore the connection to the vCenter Server system, you
have to reinstall the host.
For more information on Lockdown mode in vSphere 6.0, see the Lockdown Mode section in the vSphere Security Guide.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1008077
QUESTION 121
An administrator creates a custom ESXi firewall rule using an XML file, however the rules do not appear in the vSphere Web Client.
Explanation/Reference:
Explanation:
Revert the access permissions of the service.xml file to the read-only default by running the command:
or
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2008226
QUESTION 122
An administrator needs two vCenter Servers to be visibile within a single vSphere Web Client session.
Which two vCenter Server and Platform Services Controller (PSC) configurations would accomplish this? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 123
An administrator wants to clone a virtual machine using the vSphere Client.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Clone a Virtual Machine in the vSphere Client
Cloning a virtual machine creates a duplicate of the virtual machine with the same configuration and installed software as the original.
Optionally, you can customize the guest operating system of the clone to change the virtual machine name, network settings, and other properties. This prevents conflicts
that can occur if a virtual machine and a clone with identical guest operating system settings are deployed simultaneously.
Prerequisites
■ You must be connected to vCenter Server in order to clone a virtual machine. You cannot clone virtual machines if you connect directly to an ESXi host.
Reference:
https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.vm_admin.doc_50%2FGUID-5C504B67-CDB3-42FC-8B3B-737201A725DD.html
QUESTION 124
An administrator wants to power on a virtual machine (VM) while connected to an ESXi host using SSH. The VM has the following Name and ID:
VM Name = SQL001
VMID = 12345
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
ESXi 4.x, 5.x and 6.0
To power on a virtual machine from the command line:
1. List the inventory ID of the virtual machine with the command:
QUESTION 125
What will occur if the .nvram file is deleted from a powered off virtual machine?
A. The .nvram file will get created the next time the virtual machine is powered on.
B. Restoring the file from backup is needed to allow the virtual machine to power on.
C. The virtual machine will fail to power on and enter an Orphaned state.
D. The virtual machine will fail to power on and enter an Inaccessible state.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
The .nvram file. This small file contains the BIOS that is used when the VM boots. It is similar to a physical server that has a BIOS chip that lets you set hardware
configuration options. A VM also has a virtual BIOS that is contained in the NVRAM file. The BIOS can be accessed when a VM first starts up by pressing the F2 key.
Whatever changes are made to the hardware configuration of the VM are then saved in the NVRAM file. This file is in binary format and if deleted it will be automatically
re-created when a VM is powered on.
Reference:
http://searchvmware.techtarget.com/tip/Understanding-the-files-that-make-up-a-VMware-virtual-machine
QUESTION 126
An administrator tries to connect the vSphere 5.5 Client to an ESXi 6.x host.
A. The operation will fail, since the vSphere Client is deprecated in vSphere 6.x.
B. The operation will fail and the administrator will need to delete the client and install the 6.x version.
C. The operation will prompt the administrator to run a script to upgrade the vSphere Client.
D. The operation will update the vSphere Client silently in the background, then connect.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Whenever a user tries to connect to a higher version of the ESXI host, the user will be prompted to upgrade to the higher version to escape the compatibility issues.
QUESTION 127
After successfully adding a new ESXi 6.x host to vCenter Server, an administrator sees it as Not Responding in the vSphere Web Client interface a few minutes later.
If the issue is caused by a network firewall blocking traffic, which port must be opened to correct this specific problem?
A. 443 (TCP)
B. 443 (UDP)
C. 902 (TCP)
D. 902 (UDP)
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Port: 902 (Default)
Purpose:
Host access to other hosts for migration and provisioning
Authentication traffic for ESXi and remote console traffic (xinetd/vmware-authd)
vSphere Client access to virtual machine consoles
(UDP) Status update (heartbeat) connection fromESXi to vCenter Server
Traffic Type
Incoming and outgoing TCP, outgoing UDP
Reference:
https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc_50%2FGUID-ECEA77F5-D38E-4339-9B06-FF9B78E94B68.html
QUESTION 128
An administrator is troubleshooting network communications between the vCenter Server and the ESXi 6.x host.
A. /var/log/syslog.log
B. /var/log/hostd.log
C. /var/log/vpxa.log
D. /var/log/fdm.log
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
When an ESXi 5.1 / 5.5 host is managed by vCenter Server 5.1 and 5.5, two components are installed, each with its own logs:
/var/log/vpxa.log: vCenter Server vpxa agent logs, including communication with vCenter Server and the Host Management hostd agent.
/var/log/fdm.log: vSphere High Availability logs, produced by the fdm service. For more information, see the vSphere HA Security section of the vSphere Availability
Guide.
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032076
QUESTION 129
An administrator is observing slow performance of the vCenter Inventory Service and observes the entries from the wrapper.log file:
Exception in thread "tomcat-exec-2" java.lang.OutOfMemoryError: Java heap spaceException in thread "http-bio-0.0.0.0-10443-Acceptor-0" java.lang.OutOfMemoryError:
Java heap space
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Cause
This issue is occurs if the allocated JVM maximum memory heap is too low for the VMware Inventory service, VMware Profile-Driven Storage service, or VMware
VirtualCenter Web Management service.
Several core vCenter Server services use individual configuration files (wrapper.conf) to determine the JVM maximum heap size that each service can use. The VMware
Inventory service, VMware Profile-Driven Storage service, and VMware VirtualCenter Web Management service rely on the JVM maximum memory heap configured in
their individual wrapper.conf file and play a critical role in the functionality of vCenter Server.
Note: If vCenter Server 5.5 has recently been updated beyond 5.5 U2, see Upgrading VMware vCenter Server 5.5 to 5.5 U2 or later reduces the JVM maximum memory
heap size (2114669).
Resolution
This is a known issue affecting vCenter Server 5.x.
To resolve this issue, manually set the inventory size.
To change the JVM maximum memory heap size for a Windows installed vCenter Server 5.x, see, see Configuring Tomcat server settings in VMware vCenter Server 5.1
and 5.5 (2021302).
To manually set the inventory size in vCenter Server Appliance 5.x:
1. Log in to vCenter Server Appliance administration interface (VAMI) URL:
https://vCenter_Server_FQDN\IP:5480
2. Click the Services tab.
3. Change the Inventory Size to Medium or Large, depending on your environment.
Note: The system memory may need to be increased when changing this setting. For more information on environment sizing, see the Configure Inventory Size for the
VMware vCenter Server Appliance section of the Configuring Hosts and vCenter Server guide.
4. Restart the VMware Profile-Driven Storage Service and VMware Inventory Service. For more information, see Stopping, starting, or restarting vCenter Server Appliance
services (2054085).
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2126282
QUESTION 130
An administrator is troubleshooting a virtual machine that has unexpectedly powered off.
Which two logs should be used to troubleshoot the issue? (Choose two.)
A. vmware.log
B. hostd.log
C. syslog.log
D. shell.log
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 131
An administrator notices that one virtual machine is in an orphaned state.
What are two reasons that a virtual machine can appear as orphaned? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Please refer to the following link to understand more about the Orphaned State: https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1003742
QUESTION 132
What is the minimum Virtual Hardware version required for vFlash Read Cache?
A. Version 8
B. Version 9
C. Version 10
D. Version 11
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Virtual Machines vSphere Flash Read Cache is available only to virtual machines with hardware version 10 (VMX-10). All legacy virtual machine hardware must be
upgraded to hardware version 10 to use Virtual Flash Read Cache.
Reference:
https://www.vmware.com/files/pdf/vSphere_55_Flash_Read_Cache_Whats_New_WP.pdf
QUESTION 133
What are three reasons why a virtual machine might fail to power on? (Choose three.)
A. The virtual machine is running on an ESXi host which has an expired license.
B. The virtual machine is running on a datastore which has insufficient disk space for the .vswp file.
C. The virtual machine is in a cluster with vSphere HA Admission control enabled.
D. The virtual machine has a disconnected network adapter.
E. The virtual machine does not have a Virtual Hard Disk assigned.
Explanation/Reference:
Explanation:
When a virtual machine fails to power on, a reason may be logged to the vmware.log file for the virtual machine, to the management agent logs, or presented in the
client. Review any messages and consider these points:
1. The virtual machine monitor may be asking a question to be answered during startup. A virtual machine may pause the power-on task at 95% to obtain additional
information from the administrator. For more information, see Powering on a virtual machine pauses at 95% while waiting for a question to be answered (1027096) .
2. Creating a new power-on task may fail if another task for the virtual machine or other component is already in progress, and multiple concurrent tasks on the object
are not permitted. For more information, see:
3. A virtual machine may fail to power on if licensing requirements are not met. For more information, see:
Cannot Power on Virtual Machines, "Not enough licenses installed to perform the operation" Error Message (7114568)
The Managing ESX/ESXi and vCenter Server Licenses section of the Datacenter Administration Guide for vSphere 4 or higher
The VirtualCenter and ESX Server Licensing Overview section of the Installation Guide for VMware Infrastructure 3
4. The virtual machine may be configured to reserve physical memory on the host, but the host memory is over-committed and the required memory is unavailable. For
more information, see:
Virtual machine does not power on when there is high CPU reservation (1001637)
Powering on a virtual machine fails with the error: memoryAllocation.reservation (1036914) .
5. The virtual machine may be starting in a VMware High Availability cluster with strict admission control enabled, and there are insufficient resources to guarantee
failover for all virtual machines. For more information, see:
Implications of enabling or disabling VMware HA strict admission control when using DRS and VMware DPM (1007006)
Diagnosing insufficient fail over capacity on a VMware High Availability Cluster (1003717)
Automating High Availability (HA) Services with VMware HA whitepaper
6. A file required for starting the virtual machine, such as a virtual disk or swap file, may be unavailable or missing. For more information, see Investigating virtual
machine file locks in ESX/ESXi (10051).
7. The virtual machine may have been previously suspended and making use of CPU features which are unavailable or incompatible with the CPU features available on
this host. The virtual machine cannot be started without the required features. For more information, see:
Powering on a virtual machine from a suspend state or reverting to a snapshot fails (1038218)
Virtual machines fail to power on due to a suspend state from an incompatible CPU type (1000241)
To retain the suspended state, move the virtual machine back to the host it was originally suspended on and power-on the virtual machine there.
To discard the suspend state, and power on the virtual machine in a crash-consistent manner, see Unable to power on a suspended virtual machine using vSphere
Client (1004606).
8. The virtual machine may require both a VT-capable CPU and the VT feature to be enabled in the host system's BIOS. This is true for all 64-bit virtual machines. If the
VT feature is unavailable, the virtual machine may produce the message msg.cpuid.noLongmode. For more information, see Enabling VT on Intel EM64T Systems for
ESX Server 3 (3282933).
9. The virtual machine may require another CPU feature which is unavailable on this host. The virtual machine may produce a message similar
to msg.cpuid.<FeatureName>, identifying the specific feature it has been configured to require. Move the virtual machine back to the host which has the required CPU
features, or edit the virtual machine's configuration to remove the requirement.
10. The virtual machine may start, but quickly fail with an error during startup. Review the contents of the vmware.log file in the virtual machine's directory for any errors
or warnings, and search the Knowledge Base for the error or warning. Base your troubleshooting on the specific messages seen in the logs. For more information, see:
11. If the virtual machine does successfully power on, but the guest OS doesn't start correctly, there may be an incompatibility between the virtual hardware and drivers
within the guest OS. For example, a missing SCSI driver may be required for booting. For more information, see Windows virtual machine configured to use a BusLogic
SCSI controller reports that the operating system does not support the controller (2007603) .
12. If the guest OS, or a driver or application within the virtual machine experiences a problem during startup, the guest OS may become unresponsive. Continue
troubleshooting. For more information, see Troubleshooting unresponsive guest operating system issues (1007818) .
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2001005
QUESTION 134
What is the name of the command line utility that checks for VMFS5 metadata corruption?
A. vmkfstools --check
B. voma
C. vmfsanalyzer
D. esxcli vmfs check
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
In ESXi 5.1, VMware introduced the vSphere On-disk Metadata Analyzer (VOMA) for performing VMFS file system metadata checks. This utility scans the VMFS volume
metadata and highlights any inconsistencies to which you may be required to open a support request.
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2036767
QUESTION 135
What are two reasons why a local flash device would be unavailable for use with Virtual SAN? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Local Flash Devices Are Unavailable for Use with Virtual SAN or Virtual Flash
A local flash device becomes unavailable for virtual flash resource or Virtual SAN configuration when it is formatted with VMFS or any other file system.
Problem
When you attempt to configure either Virtual SAN or virtual flash resource, a local flash disk does not appear on the list of disks to be used.
Cause
This problem might occur when a local flash intended for use with either feature has been already formatted with VMFS. Neither Virtual SAN nor virtual flash can share the
flash disk with VMFS or any other file system.
Also, because virtual flash and Virtual SAN are mutually exclusive consumers of flash disks, both features cannot share the same flash disk. If the flash disk is already
claimed by one feature, for example Virtual SAN, you are not be able to use it for another, such as virtual flash, unless you release the disk.
Solution
Use only unformatted flash disks for virtual flash resource and Virtual SAN configuration.
■ Avoid formatting the flash disks with VMFS during ESXi installation or Auto Deploy.
■ If the flash disk is already formatted with VMFS, remove the VMFS datastore. For information see the vSphere Storage documentation.
■ To use the flash disk as a virtual flash resource, do not claim this disk for Virtual SAN. If the disk is claimed by Virtual SAN, remove the disk from Virtual SAN. The flash
disk is released from Virtual SAN and becomes available on the list of disks to use with virtual flash. For information about removing disks from Virtual SAN, see
the Administering VMware Virtual SAN documentation.
■ If you intend to use the flash disk with Virtual SAN, do not use the disk for a virtual flash resource. If the flash disk is used as the virtual flash resource, remove the virtual
flash configuration. The disk becomes available for Virtual SAN. See the vSphere Storage documentation.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.troubleshooting.doc%2FGUID-A17F5D39-C1F3-47B1-9645-5C247412F370.html
QUESTION 136
Which three troubleshooting actions should an administrator take to address slow performance when deploying a virtual machine template? (Choose three.)
Explanation/Reference:
Explanation:
Validate that each troubleshooting step below is true for your environment. Each step will provide instructions or a link to a document, in order to eliminate possible causes
and take corrective action as necessary. The steps are ordered in the most appropriate sequence to isolate the issue and identify the proper resolution. Do not skip a step.
1. Verify if the slow deployment is specific to one template or if it affects all templates. To properly test this, VMware recommends to create a brand new template and test
the deployment. This provides a clean test of the environment. For more information if template deployment is slow for a single template, see Deploying a single
template is slow in vCenter Server (1004028).
2. If you are using ESX (not applicable to ESXi), verify that no processes are over utilizing the resources on the ESX Service Console. For more information,
see Checking for resource starvation of the ESX Service Console (1003496) .
3. Verify that the network configuration on the ESX/ESXi host is optimized for the best performance, including speed and duplex settings. For more information,
see Configuring the speed and duplex of an ESX/ESXi host network adapter (1004089).
4. Verify that the firmware on the RAID controller or HBA is up to date. For more information, see Checking your firmware and BIOS levels to ensure compatibility with
ESX/ESXi (1037257).
5. Verify that the local storage or SAN array is configured correctly. For more information, see Slow ESX/ESXi performance caused by misconfigured local storage or
SAN array (1006602).
6. Verify on ESX/ESXi 4.1 and above if the storage array devices in the environment support the hardware acceleration functionality and if they are responding correctly
to VAAI primitives. If there is no VAAI support on the array cloning or Storage vMotion may fail at 18%. For more information see Cloning or Storage vMotion fails at
18% with the error: Failed to clone: Connection timed out (1029244) .
Link: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004002
QUESTION 137
When attempting to remove a host from a vSphere Distributed Switch (vDS), an administrator observes the error message:
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Cause
You cannot remove the host from the distributed switch or delete the host proxy switch because of the following reasons.
■ There are VMkernel adapters on the switch that are in use.
■ There are virtual machine network adapters connected to the switch.
Reference: https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.troubleshooting.doc%2FGUID-038AC93F-D710-48ED-8E3B-
258A23FB2930.html
QUESTION 138
An administrator suspects that the MTU value for a vSphere Standard Switch is misconfigured.
A. esxcfg-vswitch -l
B. esxcli network vswitch standard list
C. esxcfg-vss -l
D. esxcli network standard vswitch list
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: To display a list of vSwitches on the host, and to check that the configuration of the vSwitch is correct:
# esxcfg-vswitch -l
Run this command for ESXi 5.0:
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1007654
QUESTION 139
Deletion of an NFS datastore generates the following error:
Which step can be performed that will allow the deletion to complete successfully?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
To resolve this issue, temporarily stop the VSA plug-in so that the locks on the datastore are released.
If the datastore is free of locks continue to step 2. If there are active files locks in place, resolve them and attempt to unmount the NFS mount again.
2. Disable the VSA plug-in from the vSphere Web Client:
a. From the Home page of the vSphere Web Client, click Administration.
b. Under Solutions, click Client Plug-Ins.
c. Right-click the VSA plug-in and click Disable.
3. Stop the VSA service on vCenter Server.
4. Restart the management agents on the host. For more information, see Restarting the Management agents on an ESXi or ESX host (1003490).
5. Unmount the datastore using the vSphere Client.
6. Start the VSA service on vCenter Server.
7. Re-enable the VSA plug-in in the vSphere Web Client:
a. From the Home page of the vSphere Web Client, click Administration.
b. Under Solutions, click Plug-In Management.
c. Right-click the VSA plug-in and click Enable.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2102598
QUESTION 140
An administrator uses the df -h command and notices that an NFS datastore is reporting a capacity of 0 Bytes.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Please refer to this link to understand the situation and how to mitigate it: https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=2073021
QUESTION 141
The command esxcli network vm list displays four virtual machines connected to the Production vSwitch. Within the vSphere Web Client, five virtual machines are seen.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: You can use vCLI network commands to view network statistics and troubleshoot your networking setup. The nested hierarchy of commands allows you to
drill down to potential trouble spots.
1 List all virtual machine networks on a host.
QUESTION 142
An administrator is experiencing network connectivity issues between virtual machines. The virtual machines and hosts are configured as follows:
VM1 is running on Host1
VM2 is running on Host2
Both Host1 and Host2 are attached to the vSphere Distributed Switch dvSwitch1
Both Host1 and Host2 are using vmnic0 and vmnic1 on dvSwitch1
Both virtual machines are using the default portgroup for network traffic
What are three settings the administrator should investigate while troubleshooting the connectivity issue? (Choose three.)
Explanation/Reference:
Explanation: Please find link to understand more about the connectivity issues https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1003893
QUESTION 143
A task fails while creating a VMFS5 datastore on a disk with these characteristics:
Was previously used by a Linux server
Was not erased
Is visible with the vSphere Web Client
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Please refer to link to understand more about it: https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=2046610
QUESTION 144
A vSphere Web Client task fails while creating a VMFS datastore on a disk with these characteristics:
The disk was formatted with an Master Boot Record (MBR) partition table
The disk was not erased
The disk is visible in the vSphere Web Client
Explanation/Reference:
Explanation: Deleting a partition
A single partition can be deleted from a partition table on a block disk device using the partedUtil command line utility.
QUESTION 145
Which two reasons would prevent Storage Distributed Resource Scheduler (SDRS) from operating on a datastore? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Storage DRS to datastores is like DRS to hosts. It moves VMDKs from heavily utilized to less utilized datastores according to preset space and I/O metrics,
making efficient storage management more achievable.
Storage DRS can run in automatic mode, but most admins are using it in manual mode. This is understandable as we must keep in mind that Storage vMotion is not as
light as vMotion, and hence should not be taken lightly.
Storage DRS does use other storage management technologies like Storage I/O Control (SIOC), and can benefit from others like Profile-Driven Storage and vSphere API
for Storage Awareness (VASA).
QUESTION 146
What are two ways to view the DNS settings for an ESXi 6.x host? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: To verify that the DNS information in /etc/resolv.conf is correct for your environment, run the command:
Run vicfg-dns without command-specific options to display DNS properties for the specified server.
vicfg-dns <conn_options>
The information includes the host name, domain name, DHCP setting (true or false), and DNS servers on the ESXi host.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vcli.examples.doc%2Fcli_manage_networks.11.8.html
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003796
QUESTION 147
After configuring a Virtual SAN cluster, an administrator using the vSphere Web Client notices that the Virtual SAN datastore is smaller than expected. The cluster
contains:
Three ESXi hosts
Each host has one 10GB SDD
Each host has one 100GB HDD
Why would the Virtual SAN datastore show as 100GB instead of 300GB?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Here we have three ESXI hosts (each with 100GB HDD) which makes the complete storage to 300 GB. It generally shows 100GB instead of 300GB because
the three hosts are not able to connect properly due to network issues.
QUESTION 148
An administrator tries to capture network traffic for a virtual machine, but cannot see the expected traffic in the packet capture tool.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: When promiscuous mode is enabled at the portgroup level, objects defined within that portgroup have the option of receiving all incoming traffic on the
vSwitch. Interfaces and virtual machines within the portgroup will be able to see all traffic passing on the vSwitch, but all other portgroups within the same virtual switch do
not.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1002934
QUESTION 149
An administrator creates a Private VLAN with a Primary VLAN ID of 2. The administrator than creates three Private VLANs as follows:
Marketing
PVLAN ID. 4
PVLAN Type. Isolated
Accounting
PVLAN ID. 5
PVLAN Type. Community
Secretary
PVLAN ID. 17
PVLAN Type. Isolated
Users in the Accounting PVLAN are reporting problems communicating with servers in the Marketing PVLAN.
Which two actions could the administrator take to resolve this problem? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: Please refer to this link for understanding network connectivity issues in detail: https://kb.vmware.com/selfservice/microsites/search.do?
language=en_US&cmd=displayKC&externalId=1004109
QUESTION 150
An administrator attempts to place a Storage DRS enabled Datastore into Maintenance Mode. The task never completes, and the Entering Maintenance Mode status
remains at 1%.
Which two actions should the administrator take to resolve this problem? (Choose two.)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation: Problem
A datastore in a datastore cluster cannot enter maintenance mode. The Entering Maintenance Mode status remains at 1%.
Cause
One or more disks on the datastore cannot be migrated with Storage vMotion. This condition can occur in the following instances.
■ Storage DRS is disabled on the disk.
■ Storage DRS rules prevent Storage DRS from making migration recommendations for the disk.
Solution
■ If Storage DRS is disabled, enable it or determine why it is disabled. See Storage DRS is Disabled on a Virtual Disk for reasons why Storage DRS might be disabled.
■ If Storage DRS rules are preventing Storage DRS from making migration recommendations, you can remove or disable particular rules.
In the vSphere Client inventory, right-click the datastore cluster and select Edit Settings.
Select Rules and click the rule.
Click Remove.
Click OK.
■ Alternatively, if Storage DRS rules are preventing Storage DRS from making migration recommendations, you can set the Storage DRS advanced option
IgnoreAffinityRulesForMaintenance to 1.
In the vSphere Client inventory, right-click the datastore cluster and select Edit Settings.
Select SDRS Automation and click Advanced Options.
Enter 1 in the Value column for IgnoreAffinityRulesForMaintenance.
Click OK.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.troubleshooting.doc%2FGUID-91D4FBBC-0677-44DA-B0F2-
43A3504F8CA0.html
QUESTION 151
Which two scenarios could cause Storage DRS to be disabled on a Virtual Disk (VMDK)? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Storage DRS is Disabled on a Virtual Disk
Even when Storage DRS is enabled for a datastore cluster, it might be disabled on some virtual disks in the datastore cluster.
Problem
You have enabled Storage DRS for a datastore cluster, but Storage DRS is disabled on one or more virtual machine disks in the datastore cluster.
Cause
The following scenarios can cause Storage DRS to be disabled on a virtual disk.
■ A virtual machine's swap file is host-local (the swap file is stored in a specified datastore that is on the host). The swap file cannot be relocated and Storage DRS is
disabled for the swap file disk.
■ A certain location is specified for a virtual machine's .vmx swap file. The swap file cannot be relocated and Storage DRS is disabled on the .vmx swap file disk.
■ The relocate or Storage vMotion operation is currently disabled for the virtual machine in vCenter Server (for example, because other vCenter Server operations are in
progress on the virtual machine). Storage DRS is disabled until the relocate or Storage vMotion operation is re-enabled in vCenter Server.
■ The home disk of a virtual machine is protected by vSphere HA and relocating it will cause loss of vSphere HA protection.
■ The disk is a CD-ROM/ISO file.
■ If the disk is an independent disk, Storage DRS is disabled, except in the case of relocation or clone placement.
■ If the virtual machine has system files on a separate datastore from the home datastore (legacy), Storage DRS is disabled on the home disk. If you use Storage vMotion
to manually migrate the home disk, the system files on different datastores will be all be located on the target datastore and Storage DRS will be enabled on the home
disk.
■ If the virtual machine has a disk whose base/redo files are spread across separate datastores (legacy), Storage DRS for the disk is disabled. If you use Storage vMotion
to manually migrate the disk, the files on different datastores will be all be located on the target datastore and Storage DRS will be enabled on the disk.
■ The virtual machine has hidden disks (such as disks in previous snapshots, not in the current snapshot). This situation causes Storage DRS to be disabled on the virtual
machine.
■ The virtual machine is a template.
■ The virtual machine is vSphere Fault Tolerance-enabled.
■ The virtual machine is sharing files between its disks.
■ The virtual machine is being Storage DRS-placed with manually specified datastores
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.troubleshooting.doc%2FGUID-B749AAA0-7B67-4A79-BEDC-395DFEC9FC60.html
QUESTION 152
Refer to the Exhibit.
An administrator is using the esxtop command to troubleshoot storage performance issues on a virtual machine. The esxtop capture is shown in the Exhibit.
Based on the exhibit, which two statements are true? (Choose two.)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation: A,C ------Using esxtop to identify storage performance issues for ESX / ESXi (multiple versions) (1008205)
Note: In ESXi 5.x and later, you may see messages indicating that performance has deteriorated. For more information, see Storage device performance deteriorated
(2007236).
QUESTION 153
An administrator is unable to upgrade a vCenter Server Appliance from version 5.1 Update 2 to version 6.0.
A. vCenter Server Appliance 6.0 does not support upgrades from version 5.1 Update 2.
B. vCenter Server Appliance must be joined to an Active Directory domain before upgrading to version 6.0.
C. vCenter Server Appliance 5.1 Update 2 uses an incompatible database for upgrading to version 6.0.
D. vCenter Server Appliance 6.0 must be upgraded using the vSphere Web Client.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
If your current vCenter Server Appliance version is earlier than 5.1 Update 3, you must upgrade to 5.1 Update 3 or later before upgrading to vCenter Server Appliance 6.0.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-66836F60-A095-4749-86C9-1DAFB5D21070.html
QUESTION 154
An administrator has migrated a vCenter Server Appliance from version 5.5 to version 6.x. During the migration, the administrator selected DHCP for the appliance and
obtained a hostname from the DHCP server. The administrator adjusts the hostname after the migration and uses a static IP and hostname.
What should the administrator do immediately after this change to prevent service failures?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
This is a known issue affecting vCenter Server 6.0.
Currently, there is no resolution.
To work around this issue, regenerate the SSL certificates on the vCenter Server 5.x before upgrading to 6.0.
To regenerate the SSL certificates on the vCenter Server 5.x before upgrading to 6.0,
LinkKB: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2110943
QUESTION 155
An administrator is unable to patch an ESXi 6.x host using VMware Update Manager.
A. Upload the offline bundle to a datastore and execute the command esxcli software vib install -d to apply it manually.
B. Upload the vib to a datastore and execute the command esxcli software vib install -d to apply it manually.
C. Upload the offline bundle to a datastore and execute the command esxupdate install -v to apply it manually.
D. Upload the vib to a datastore and execute the command esxupdate install -v to apply it manually.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Update a Host with Individual VIBs
You can update a host with VIBs stored in a software depot that is accessible through a URL or in an offline ZIP depot.
Important
If you are updating ESXi from a zip bundle in a VMware-supplied depot, either online from the VMware Web site or downloaded locally, VMware supports only the update
method specified for VMware-supplied depots in the topic Upgrade or Update a Host with Image Profiles.
The esxcli software vib update and esxcli software vib install commands are not supported for upgrade operations. See Differences Between vSphere Upgrades and
Updates and Upgrade or Update a Host with Image Profiles
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-1E773360-CB1C-4BC2-B2A4-B73AB5706FAF.html
QUESTION 156
Which three logs can be reviewed to troubleshoot a vCenter Server upgrade failure? (Choose three.)
A. vminst.log
B. vim-vcs-msi.log
C. pkgmgr.log
D. vc-upgrade.log
E. firstboot.log
Correct Answer: ABC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Retrieve Installation Logs Manually
You can retrieve the installation log files manually for examination.
Procedure
1 Navigate to the installation log file locations.
■ %PROGRAMDATA%\VMware\vCenterServer\logs directory, usually
C:\ProgramData\VMware\vCenterServer\logs
■ %TEMP% directory, usually C:\Users\username\AppData\Local\Temp
The files in the %TEMP% directory include vminst.log, pkgmgr.log, pkgmgr-comp-msi.log, and
vim-vcs-msi.log.
2 Open the installation log files in a text editor for examination.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-CF80C555-BFB1-4FF1-B4E6-6935D424838E.html
QUESTION 157
Attempting to update an ESXi 6.x host using the following command:
Could not download from depot at /tmp/index.xml, skipping (('/tmp/index.xml', '', "[Errno 4] IOError: <urlopen error [Errno 2] No such file or directory: '/tmp/index.xml'>")) url
= /tmp/index.xml
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Put the full path to the .zip even if you're in the same directory
ex: esxcli software vib install -d /tmp/ESXi600-201504001.zip
Also make sure you're in maintenance mode
How to perform next/related steps: Check:----https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.upgrade.doc/GUID-22A4B153-CB21-47B4-974E-
2E5BB8AC6874.html?resultof=%2522
QUESTION 158
A failed upgrade from vCenter Server version 5.x to version 6.0 produces the following error:
[00800 error 'Default'] Database version id '600' is incompatible with this release of VirtualCenter.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Attempts to upgrade the VMware vCenter Server from 5.x to 6.0 might fail when validating the database
Upgrading VMware vCenter Server with an Oracle Database from 5.x to 6.0 might fail. This error occurs when you install a vCenter Server against an external Microsoft
SQL database. You need to create the database schema manually by referencing to the information in DB_and_schema_creation_scripts_mssql.txt in the DB scripts
folder. An error message similar to the following is displayed:
The user associated with the DSN has insufficient privileges.
This issue is resolved in this release.VMware vCenter Server 6.0 Update 1
check release notes whitepaper on vmware.com
Upgrading from vSphere 5.x to vSphere 6.0 Best Practices (2130664)
https://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2130664
QUESTION 159
An administrator is troubleshooting a CPU performance issue for a virtual machine.
Which three esxtop counters may demonstrate CPU contention? (Choose three.)
A. %RDY
B. %RUN
C. %MLMTD
D. %WAIT
E. %CSTP
Explanation/Reference:
Explanation:
"%RDY"
The percentage of time the world was ready to run.
A world in a run queue is waiting for CPU scheduler to let it run on a PCPU. %RDY accounts the percentage of this time. So, it is always smaller than 100%.
+If a "CPU Limit" is set to a VM's resource settings, the VM will be deliberately held from scheduled to a PCPU when it uses up its allocated CPU resource. This may
happen even when there is plenty of free CPU cycles. This time deliberately held by scheduler is shown by "%MLMTD", which will be describe next. Note that %RDY
includes %MLMTD. For, for CPU contention, we will use "%RDY - %MLMTD". So, if "%RDY - %MLMTD" is high, e.g., larger than 20%, you may experience CPU
contention.+
+What is the recommended threshold? Well, it depends. As a try, we could start with 20%. If your application speed in the VM is OK, you may tolerate higher threshold.
Otherwise, lower.+
+Q: How do we break down 100% for the world state times?+
+A: A world can be in different states, either scheduled to run, ready to run but not scheduled, or not ready to run (waiting for some events).+
100% = %RUN + %READY + %CSTP + %WAIT.
+Check the description of %CSTP and %WAIT below.+
"%MLMTD"
The percentage of time the world was ready to run but deliberately wasn't scheduled because that would violate the "CPU limit" settings.
"%CSTP"
The percentage of time the world spent in ready, co-deschedule state. This co-deschedule state is only meaningful for SMP VMs. Roughly speaking, ESX CPU scheduler
deliberately puts a VCPU in this state, if this VCPU advances much farther than other VCPUs.
QUESTION 160
Users are reporting CPU related performance problems on the virtual machine Email-Prod throughout the day.
The resource settings for the VM and the ESXi host the VM is running on are shown below:
VM:
Email-Prod
vCPUs: 4
Memory: 96GB
ESXi host:
CPU: 2 x 8 Core Processors
Memory: 128GB
NUMA architecturE. 2 Nodes
Which two options would alleviate the observed performance problem for Email-Prod? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation: B-) Memory
You can change the amount of RAM that a VM will use like this
memsize = "128"
If you don't assign a value for memory VMware will use the default-setting which is 32MB
memsize = "32"
Whenever you assign RAM manually make sure the value is a multiple of 4 - otherwise the VM will not start:
memsize = "255"
causes this error-message:
Memory size 255 not a multiple of 4
https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.hostclient.doc/GUID-99E66B59-53A8-42D0-A08F-17DBE7D4A864.html?resultof=%2522
C-) This is expected behavior based on the current architecture of the scheduler. However, these points help to limit the impact of the issue :Lower the number of vCPUs.
From the example above, you would lower the number of vCPUs from 8 to 6 or less. If the virtual machines are sized such that they are a whole multiple or divisor of the
NUMA node size, this helps with the number of virtual machines that you can power on. If 6 vCPU virtual machines are used, you can run up to at least 8 of those virtual
machines (with 100% CPU utilization) without incurring substantial ready times.
https://www.vmware.com/files/pdf/.../VMware-PerfBest-Practices-vSphere6-0.pdf
QUESTION 161
An administrator is troubleshooting a performance problem with a virtual machine (VM). The VM and ESXi host configuration is as follows:
The application which runs within the virtual machine is highly sensitive to memory latency, but has low processor utilization.
The virtual machine has 6 vCPUs.
The ESXi host CPU topology has 2 Physical CPU Sockets, each with 8 Logical CPUs.
The ESXi host CPU has Hyper Threading enabled.
The administrator would like to improve CPU performance for this VM. Other VMs on the host have no performance issues. Which action should the administrator take
to resolve the issue?
A. Set the Advanced Parameter numa.vcpu.preferHT = TRUE in the virtual machine configuration file.
B. Set the Advanced Parameter numa.vcpu.preferHT = FALSE in the virtual machine configuration file.
C. Set the Advanced Parameter numa.PreferHT = 1 in the ESXi host configuration file.
D. Set the Advanced Parameter numa.PreferHT = 0 in the ESXi host configuration file.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Reference:
https://books.google.co.in/books?id=GnVvAwAAQBAJ&pg=PA78&lpg=PA78&dq=Advanced+Parameter+numa.vcpu.preferHT&source=bl&ots=-
o9dp9BqWj&sig=XT1BXwxJ6qeTg__zHfO8uLnZNTo&hl=en&sa=X&ved=0ahUKEwjUy-eejcrNAhWGqY8KHQCKBzwQ6AEIVjAH#v=onepage&q&f=false
QUESTION 162
An administrator has a virtual machine configured with the following settings:
ESXi version: 5.1
CPU: vCPUs 6
Memory: 48GB
Hardware version: 7
VMware Tools: Installed
Which two actions must the administrator take in order to utilize vNUMA? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Using Virtual NUMA
vSphere 5.0 and later includes support for exposing virtual NUMA topology to guest operating systems, which can improve performance by facilitating guest operating
system and application NUMA optimizations.
Virtual NUMA topology is available to hardware version 8 virtual machines and is enabled by default when the number of virtual CPUs is greater than eight. You can also
manually influence virtual NUMA topology using advanced configuration options.
You can affect the virtual NUMA topology with two settings in the vSphere Client: number of virtual sockets and number of cores per socket for a virtual machine. If the
number of cores per socket (cpuid.coresPerSocket) is greater than one, and the number of virtual cores in the virtual machine is greater than 8, the virtual NUMA node
size matches the virtual socket size. If the number of cores per socket is less than or equal to one, virtual NUMA nodes are created to match the topology of the first
physical host where the virtual machine is powered on.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.resmgmt.doc/GUID-17B629DE-75DF-4C23-B831-08107007FBB9.html
--------------Explanation note-----------------------
Also, Check Page 21,22 https://www.vmware.com/pdf/Perf_Best_Practices_vSphere5.1.pdf
D-) Size your virtual machines so they align with physical NUMA boundaries. For example, if you have a host system with six cores per NUMA node, size your virtual
machines with a multiple of six vCPUs (i.e., 6 vCPUs, 12 vCPUs, 18 vCPUs, 24 vCPUs, and so on). Hence answer is D
Also, Check Page 41,42 https://www.vmware.com/pdf/Perf_Best_Practices_vSphere5.1.pdf
QUESTION 163
When troubleshooting a performance related issue, an administrator sees the following warning message on an ESXi Console:
A. Ensure that the RAM modules are evenly balanced between processor sockets in the physical server.
B. Ensure that all memory banks associated with CPU Socket 0 in the physical server are completely filled.
C. Ensure that the physical server has the maximum amount of RAM modules that it can support.
D. Ensure that all RAM modules in the host are Error-correcting code (ECC) modules.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
This message displays when memory is not evenly distributed between processor sockets.
Each CPU socket has its own RAM slots. To resolve this issue, evenly balance RAM modules between processor sockets. That is, ensure that each bank of RAM slots
has the same amount of RAM.
For example, if CPU socket 1 has a total of 8 GB of RAM, ensure that CPU socket 2 also has 8 GB of RAM.
Ensure that memory on the nodes are balanced. For more information and assistance, contact your vendor.
Note: Damaged or faulty physical RAM modules can also cause this issue.
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1018754
QUESTION 164
An administrator observes the following symptoms for a virtual machine:
CPU usage is consistently above 90%
CPU ready value is consistently above 20%.
Application performance is impacted.
Which two actions should the administrator take to improve the performance of this virtual machine? (Choose two.)
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Solutions for Consistently High CPU Usage
Temporary spikes in CPU usage indicate that you are making the best use of CPU resources. Consistently high CPU usage might indicate a problem. You can use the
vSphere Client CPU performance charts to monitor CPU usage for hosts, clusters, resource pools, virtual machines, and vApps.
Problem
■ Host CPU usage constantly is high. A high CPU usage value can lead to increased ready time and processor queuing of the virtual machines on the host.
■ Virtual machine CPU usage is above 90% and the CPU ready value is above 20%. Application performance is impacted.
Cause
The host probably is lacking the CPU resources required to meet the demand.
Solution
■ Verify that VMware Tools is installed on every virtual machine on the host.
■ Compare the CPU usage value of a virtual machine with the CPU usage of other virtual machines on the host or in the resource pool. The stacked bar chart on the
host's Virtual Machine view shows the CPU usage for all virtual machines on the host.
■ Determine whether the high ready time for the virtual machine resulted from its CPU usage time reaching the CPU limit setting. If so, increase the CPU limit on the
virtual machine.
■ Increase the CPU shares to give the virtual machine more opportunities to run. The total ready time on the host might remain at the same level if the host system is
constrained by CPU. If the host ready time doesn't decrease, set the CPU reservations for high-priority virtual machines to guarantee that they receive the required CPU
cycles.
■ Increase the amount of memory allocated to the virtual machine. This action decreases disk and or network activity for applications that cache. This might lower disk I/O
and reduce the need for the host to virtualize the hardware. Virtual machines with smaller resource allocations generally accumulate more CPU ready time.
■ Reduce the number of virtual CPUs on a virtual machine to only the number required to execute the workload. For example, a single-threaded application on a four-way
virtual machine only benefits from a single vCPU. But the hypervisor's maintenance of the three idle vCPUs takes CPU cycles that could be used for other work.
■ If the host is not already in a DRS cluster, add it to one. If the host is in a DRS cluster, increase the number of hosts and migrate one or more virtual machines onto the
new host.
■ Upgrade the physical CPUs or cores on the host if necessary.
■ Use the newest version of hypervisor software, and enable CPU-saving features such as TCP Segmentation Offload, large memory pages, and jumbo frames.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.monitoring.doc%2FGUID-5F8147A1-6416-4D29-BA3D-E4CED3966016.html
QUESTION 165
An administrator is troubleshooting a CPU issue for a virtual machine. The following is seen in esxtop:
CPU0 is at 100% usage
The remaining logical CPUs are close to 0%
%RDY value is consistently above 10%
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Using CPU Affinity
By specifying a CPU affinity setting for each virtual machine, you can restrict the assignment of virtual machines to a subset of the available processors in multiprocessor
systems. By using this feature, you can assign each virtual machine to processors in the specified affinity set.
CPU affinity specifies virtual machine-to-processor placement constraints and is different from the relationship created by a VM-VM or VM-Host affinity rule, which
specifies virtual machine-to-virtual machine host placement constraints.
Reference:
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.resourcemanagement.doc_41/managing_cpu_resources/c_using_cpu_affinity.html
QUESTION 166
An administrator notices that 8 out of 10 virtual machines have memory ballooning and swapping. However, virtual machine 9 is not ballooning or swapping and virtual
machine 10 is not ballooning but is swapping.
Which two statements explain the behavior of virtual machine 9 and virtual machine 10? (Choose two.)
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
If the memory usage value is high, and the host has high ballooning or swapping, check the amount of free physical memory on the host. A free memory value of 6% or
less indicates that the host cannot handle the demand for memory. This leads to memory reclamation, which might degrade performance.
If the host has enough free memory, check the resource shares, reservation, and limit settings of the virtual machines and resource pools on the host. Verify that the host
settings are adequate and not lower than those set for the virtual machines.
D-) Verify that VMware Tools is installed on each virtual machine. The balloon driver is installed with VMware Tools and is critical to performance. If Vmware tools are not
installed/outdated showing on summary tab Ballooning will not work hence swapping will work because it has nothing to do with ballooning.
Fact: If memory is not available the memory can med mapped to the .vswp file on a vmfs or nfs datastore. The virtual machine has no knowledge if the memory is mapped
to physical memory or to a disk. This is called hypervisor swapping, and this is the last resort for the vmkernel to use this mechanism.(Internal vmware KB article but for
external you may check VMBlog or external links: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003470 )
QUESTION 167
An administrator is troubleshooting a virtual machine performance issue using vRealize Operations.
Which two badges would help to identify possible resource contention concerns? (Choose two.)
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
The Workload badge shows how hard an object is working. A higher workload score indicates that an object is doing more work. Obviously, you don’t want objects out
there doing zero work, as that is waste but, as the same time, you also don’t want objects completely maxed out with a workload score of 100 either. Workload is an
absolute measurement that calculates the demand for a resource divided by the capacity of an object. Resources might include CPU, memory, disk I/O, or network I/
O. vC Ops will help you to balance workload across your resource objects effectively.
Stress badge reports the stress that an object is under. Just as your stress level is related to your workload, so is the stress score in vC Ops. The stress score is based on
long-term high workload (where the workload score is instantaneous workload). Stress in the virtual infrastructure might come from VMs that are undersized, hosts that are
overloaded, or datastores with consistently high I/O latency. Stress is reported between 0 and 100 with 100 being very high stress and 0 being no stress.
Reference:
http://blogs.vmware.com/management/2014/04/david-davis-on-vcenter-operations-post-8-understanding-vcenter-operations-badges.html
QUESTION 168
A virtual machine is exhibiting these symptoms:
Memory usage is constantly high (94% or greater) or constantly low (24% or less).
Free memory is consistently 6% or less and swapping frequently occurs
Explanation/Reference:
Explanation:
Problem
■ Memory usage is constantly high (94% or greater) or constantly low (24% or less).
■ Free memory consistently is 6% or less and swapping frequently occurs.
Cause
■ The host probably is lacking the memory required to meet the demand. The active memory size is the same as the granted memory size, which results in memory
resources that are not sufficient for the workload. Granted memory is too much if the active memory is constantly low.
■ Host machine memory resources are not enough to meet the demand, which leads to memory reclamation and degraded performance.
■ The active memory size is the same as the granted memory size, which results in memory resources that are not sufficient for the workload.
Solution
■ Verify that VMware Tools is installed on each virtual machine. The balloon driver is installed with VMware Tools and is critical to performance.
■ Verify that the balloon driver is enabled. The VMkernel regularly reclaims unused virtual machine memory by ballooning and swapping. Generally, this does not impact
virtual machine performance.
■ Reduce the memory space on the virtual machine, and correct the cache size if it is too large. This frees up memory for other virtual machines.
■ If the memory reservation of the virtual machine is set to a value much higher than its active memory, decrease the reservation setting so that the VMkernel can reclaim
the idle memory for other virtual machines on the host.
■ Migrate one or more virtual machines to a host in a DRS cluster.
■ Add physical memory to the host.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.monitoring.doc%2FGUID-115861E6-810A-43BB-8CDB-EE99CF8F3250.html
QUESTION 169
An administrator is concerned about possible vCPU over-commitment for an ESXi 6.x host.
Which two Performance Counters should be reviewed in the vSphere Web Client Performance Charts to confirm if there is contention on the host? (Choose two.)
A. Wait
B. Ready
C. Core Utilization
D. Co-Stop
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
To check vCPU over commitment for an Esxi 6.0 host>>>>>performance Tab>>>>Graph etc.
Ready - Amount of time the virtual machine was ready to run, waiting in a queue to be scheduled.
Co-Stop - Amount of time a SMP virtual machine was ready to run, but incurred delay due to co-vCPU scheduling contention.
These performance metrics can be reviewed using the Performance tab in the vSphere Client or using the esxtop or resxtop command-line utilities. Choose the most
appropriate method for your environment. Make note of the four metrics displayed. Each is measured in milliseconds
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1017926
QUESTION 170
An administrator tries to run esxtop to troubleshoot CPU performance issues, but no output is displayed.
A. esxtop is deprecated in vSphere 6.x, resxtop must be used to produce the desired output.
B. In esxtop, press f and place an asterisk next to each field that should be displayed.
C. sudo should be run in front of esxtop to give the administrator the proper permissions.
D. The esxtop command must be run from the /proc directory to produce output.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Press F (Field Order) to modify fields which you want to display. Then hit Enter to validate.
Reference:
http://www.vladan.fr/storage-performance-troubleshooting-with-esxtop-guide/
QUESTION 171
Refer to the Exhibit.
An administrator is troubleshooting a CPU performance related problem for the SlowVM virtual machine.
Which three actions should the administrator take to improve CPU performance for SlowVM? (Choose three.)
A. Increase the number of vCPUs assigned to SlowVM.
B. Decrease the number of vCPUs assigned to SlowVM.
C. Power off other VMs running on the same ESXi host.
D. Increase the CPU limit for SlowVM.
E. Move SlowVM to another ESXi host with more physical CPU resources available.
Explanation/Reference:
Explanation:
Reference:
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/performance_statistics/
c_troubleshoot_cpu.html
QUESTION 172
Refer to the Exhibit.
Examine the esxtop command output shown in the Exhibit.
Which option would improve application performance for the SlowVM virtual machine?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Determine whether the high ready time for the virtual machine resulted from its CPU usage time reaching the CPU limit setting. If so, increase the CPU limit on the virtual
machine.
Reference:
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/performance_statistics/
c_troubleshoot_cpu.html
QUESTION 173
An administrator notices that a Windows virtual machine is using 95% CPU in Task Manager.
Which two actions should be taken to resolve this issue? (Choose two.)
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Determine whether the high ready time for the virtual machine resulted from its CPU usage time reaching the CPU limit setting. If so, increase the CPU limit on the virtual
machine.
Increase the CPU shares to give the virtual machine more opportunities to run. The total ready time on the host might remain at the same level if the host system is
constrained by CPU. If the host ready time doesn't decrease, set the CPU reservations for high-priority virtual machines to guarantee that they receive the required CPU
cycles.
Reference:
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmware.vsphere.dcadmin.doc_41/vsp_dc_admin_guide/performance_statistics/
c_troubleshoot_cpu.html
QUESTION 174
An administrator wants to select a Host Power Management Policy for an ESXi 6.x host that will disable most hardware power management features.
Which Host Power Management Policy should be selected to meet this requirement?
A. High Performance
B. Balanced
C. Low Power
D. Disabled
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
High Performance
The VMkernel detects certain power management features, but will not use them unless the BIOS requests them for power capping or thermal events
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.resmgmt.doc%2FGUID-4D1A6F4A-8C99-47C1-A8E6-EF3865603F5B.html
QUESTION 175
An administrator wants to monitor virtual machines on a host and send notifications when memory usage reaches 80%.
A. A host alarm that will monitor virtual machine memory usage and set a trigger to email the notification.
B. A vCenter Server alarm that will monitor virtual machine memory usage and set an action to email the notification.
C. A host alarm that will monitor virtual machine memory usage and set an action to email the notification.
D. A vCenter Server alarm that will monitor virtual machine memory usage and set a trigger to email the notification.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Alarm Actions
Alarm actions are operations that occur in response to triggered alarms. For example, email notifications are alarm actions.
Reference:
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp#com.vmware.vsphere.dcadmin.doc_41/vc_client_help/working_with_alarms/c_alarm_actions.html
QUESTION 176
What is the name of the High Availability agent log?
A. fdm.log
B. ha.log
C. vpxa.log
D. aam.log
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Logs from vCenter Server Components on ESXi 5.1 and 5.5
When an ESXi 5.1 / 5.5 host is managed by vCenter Server 5.1 and 5.5, two components are installed, each with its own logs:
/var/log/vpxa.log: vCenter Server vpxa agent logs, including communication with vCenter Server and the Host Management hostd agent.
/var/log/fdm.log: vSphere High Availability logs, produced by the fdm service. For more information, see the vSphere HA Security section of the vSphere Availability
Guide.
Reference:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032076
QUESTION 177
An administrator is attempting to enable Legacy Fault Tolerance (FT) on a virtual machine and observes the following in the vSphere Web Client:
A. Standard
B. Enterprise
C. Enterprise Plus
D. Essentials Plus
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Licensing
The number of vCPUs supported by a single fault tolerant VM is limited by the level of licensing that you have purchased for vSphere. Fault Tolerance is supported as
follows:
■ vSphere Standard and Enterprise. Allows up to 2 vCPUs
■ vSphere Enterprise Plus. Allows up to 4 vCPUs
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.avail.doc%2FGUID-57929CF0-DA9B-407A-BF2E-E7B72708D825.html
QUESTION 178
An administrator is attempting to enable Fault Tolerance on a virtual machine with 4 vCPUs and observes the following in the vSphere Web Client:
A. Enterprise
B. Enterprise Plus
C. Standard
D. Essentials Plus
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Licensing
The number of vCPUs supported by a single fault tolerant VM is limited by the level of licensing that you have purchased for vSphere. Fault Tolerance is supported as
follows:
■ vSphere Standard and Enterprise. Allows up to 2 vCPUs
■ vSphere Enterprise Plus. Allows up to 4 vCPUs
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.avail.doc%2FGUID-57929CF0-DA9B-407A-BF2E-E7B72708D825.html
QUESTION 179
When attempting to place a datastore in Maintenance Mode, the task remains at 1%.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Datastore Cannot Enter Maintenance Mode
You place a datastore in maintenance mode when you must take it out of usage to service it. A datastore enters or leaves maintenance mode only as a result of a user
request.
Problem
A datastore in a datastore cluster cannot enter maintenance mode. The Entering Maintenance Mode status remains at 1%.
Cause
One or more disks on the datastore cannot be migrated with Storage vMotion. This condition can occur in the following instances.
■ Storage DRS is disabled on the disk.
■ Storage DRS rules prevent Storage DRS from making migration recommendations for the disk.
Solution
■ If Storage DRS is disabled, enable it or determine why it is disabled. See Storage DRS is Disabled on a Virtual Disk for reasons why Storage DRS might be disabled.
■ If Storage DRS rules are preventing Storage DRS from making migration recommendations, you can remove or disable particular rules.
a. In the vSphere Client inventory, right-click the datastore cluster and select Edit Settings.
b. Select Rules and click the rule.
c. Click Remove.
d. Click OK.
■ Alternatively, if Storage DRS rules are preventing Storage DRS from making migration recommendations, you can set the Storage DRS advanced option
IgnoreAffinityRulesForMaintenance to 1.
a. In the vSphere Client inventory, right-click the datastore cluster and select Edit Settings.
b. Select SDRS Automation and click Advanced Options.
c. Enter 1 in the Value column for IgnoreAffinityRulesForMaintenance.
d. Click OK.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.troubleshooting.doc%2FGUID-91D4FBBC-0677-44DA-B0F2-43A3504F8CA0.html
QUESTION 180
What are two likely causes for a DRS cluster to become unbalanced? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Load Imbalance on Cluster
A cluster has a load imbalance of resources.
Problem
A cluster might become unbalanced because of uneven resource demands from virtual machines and unequal capacities of hosts.
Cause
The following are possible reasons why the cluster has a load imbalance:
■ The migration threshold is too high.
A higher threshold makes the cluster a more likely candidate for load imbalance.
■ VM/VM or VM/Host DRS rules prevent virtual machines from being moved.
■ DRS is disabled for one or more virtual machines.
■ A device is mounted to one or more virtual machines preventing DRS from moving the virtual machine in order to balance the load.
■ Virtual machines are not compatible with the hosts to which DRS would move them. That is, at least one of the hosts in the cluster is incompatible for the virtual
machines that would be migrated. For example, if host A's CPU is not vMotion-compatible with host B's CPU, then host A becomes incompatible for powered-on virtual
machines running on host B.
■ It would be more detrimental for the virtual machine's performance to move it than for it to run where it is currently located. This may occur when loads are unstable or
the migration cost is high compared to the benefit gained from moving the virtual machine.
■ vMotion is not enabled or set up for the hosts in the cluster.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.troubleshooting.doc%2FGUID-0C132C85-E7BF-445E-925D-31420A06B01C.html
QUESTION 181
Which two scenarios would cause a Fault Tolerance-enabled virtual machine to fail to power the Secondary virtual machine? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
A-) This issue occurs when the SSL certificate thumbprint presented to the master host is not what the master host is expecting. This is indicated by the thumbprint
mismatch error in the fdm.log file of the master host https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2012649
In general terms, a second virtual machine is created to work in tandem with the virtual machine on which you have enabled Fault Tolerance. This virtual machine resides
on a different host in the cluster and runs in virtual lockstep with the primary virtual machine. When a failure is detected, the second virtual machine takes the place of the
first one with the least possible interruption of service. More specific information about how this is achieved can be found in the Protecting Mission-Critical Workloads with
VMware Fault Tolerance whitepaper.
B-) You may need to complete this process for multiple clusters. VMware HA can be disabled only if there are no virtual machines with VMware Fault Tolerance (FT)
enabled. If there are virtual machines with VMware FT enabled in the cluster you are disabling, turn off VMware FT before disabling VMware HA. The process of turning off
VMware FT is described in Disabling or Turning Off VMware FT (1008026) .
QUESTION 182
Refer to the Exhibit.
An administrator is reviewing a vSphere Distributed Resource Scheduler (DRS) enabled Cluster and observes unexpected behavior as shown in the Exhibit.
What are three potential causes of the cluster imbalance? (Choose three.)
Explanation/Reference:
Explanation: A-)
A device is mounted to one or more virtual machines preventing DRS from moving the virtual machine in order to balance the load.
B-) The migration threshold is too high.
A higher threshold makes the cluster a more likely candidate for load imbalance.
VM/VM or VM/Host DRS rules prevent virtual machines from being moved.
C-) It would be more detrimental for the virtual machine's performance to move it than for it to run where it is currently located. This may occur when loads are unstable or
the migration cost is high compared to the benefit gained from moving the virtual machine.
Observe that vMotion is not enabled or set up for the hosts in the cluster, DRS does not move any virtual machines from a host. ... from this host would violate a VM/VM
DRSrule or VM/Host DRS rule.
https://pubs.vmware.com/
QUESTION 183
Refer to the Exhibit.
An administrator receives vRealize Operations alerts for the Health of the virtual machine PVMAPP_0 as shown in Exhibit 1:
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
The default Hardware Version of the vRealize Operations Manager virtual machine is 7, limiting the maximum vCPUs selection to 8. You can upgrade the Hardware
Version of the Analytics machine to increase the vCPU limit.
Theoretically, the performance of PVM should be similar or better than HVM. But, this trend tends to break when the vCPU count increases from 20 vCPUS. This problem
is counter intuitive and is only observed in case of vCPUs being greater than 20 physical cores. We classify this problem as sleepy lock anomaly, which occurs due to
the usage of paravirtual interface in the ticket spinlock implementation that has been introduced to solve the Lock Holder Preemption problem without the architectural
support (i.e. Pause Loop Exiting).
Take steps to analyze the scalability behavior of VMs with high core count (till 80 core). Our preliminary study suggests that besides cache contention bottleneck, the
usage of ticket spinlock is another culprit for the degradation. We will take a step further and will try to analyze the scalability characteristics of these monster VMs by
running other benchsuites from Mosbench.
https://www.vmware.com/support/pubs/vrealize-automation-pubs.htm
QUESTION 184
Which two identification sources can a vSphere Auto Deploy rule use to identify target hosts? (Choose two.)
A. Processor Serial Number
B. Security Identifier
C. SMBIOS information
D. BIOS UUID
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation: You specify the behavior of the Auto Deploy server by using a set of rules written in Power CLI. The Auto Deploy rule engine checks the rule set for matching
host patterns to decide which items (image profile, host profile, or vCenter Server location) to provision each host with.
The rule engine maps software and configuration settings to hosts based on the attributes of the host. For example, you can deploy image profiles or host profiles to two
clusters of hosts by writing two rules, each matching on the network address of one cluster
The rule engine includes rules and rule sets.
Rules
Rules can assign image profiles and host profiles to a set of hosts, or specify the location (folder or cluster) of a host on the target vCenter Server system. A rule can
identify target hosts by boot MAC address, SMBIOS information, BIOS UUID, Vendor, Model, or fixed DHCP IP address. In most cases, rules apply to multiple hosts.
You create rules by using Auto Deploy PowerCLI cmdlets. After you create a rule, you must add it to a rule set. Only two rule sets, the active rule set and the working
rule set, are supported. A rule can belong to both sets, the default, or only to the working rule set. After you add a rule to a rule set, you can no longer change the
rule. Instead, you copy the rule and replace either items or patterns. By default, Auto Deploy uses the name of the rule for the copy and hides the original rule.
Reference:
https://pubs.vmware.com/vsphere50/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc_50%2FGUID-EB22DCFF-C606-43CB-A7BC-068AC79A6237.html
QUESTION 185
An administrator has decided to create 10 ESXi 6.x hosts via Auto Deploy for a new Test/Dev cluster. The hosts are configured to obtain their networking configuration via
DHCP.
Which Direct Console User Interface option should the administrator use to renew the DHCP lease for the hosts?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation: Restart the Management Network
Restarting the management network interface might be required to restore networking or to renew a DHCP lease.
Restarting the management network will result in a brief network outage that might temporarily affect running virtual machines.
If a renewed DHCP lease results in a new network identity (IP address or host name), remote management software will be disconnected.
Procedure
1 . From the direct console, select Restart Management Network and press Enter.
2 . Press F11 to confirm the restart.
Reference: https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc_50%2FGUID-E46F9F62-D1BB-4485-815D-08DBAE320CC3.html
QUESTION 186
An administrator is deploying ESXi 6.x hosts using Auto Deploy and wants the image profile to be available, even after closing and opening a new PowerCLI window.
Which command can be used to ensure that image profiles are preserved across PowerCLI sessions?
A. Set-EsxImageProfile
B. Export-EsxImageProfile
C. Save-EsxImageProfile
D. Preserve-EsxImageProfile
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: Detailed Description
Exports an Image Profile object as either an ESXi ISO image that can be booted up and used as an ESXi installer, or an offline depot ZIP file that contains metadata plus
the VIB packages. In both cases, downloads the VIB binaries and validates the VIB signatures.
You can perform the following tasks with the offline depot ZIP file:
*Import the ZIP into VMware Update Manager for patch remediation
*Download the ZIP to an ESXi host and used with esxcli for installation
*Re-import the ZIP into ImageBuilder itself using Add-EsxSoftwareDepot
QUESTION 187
Which two are valid compliance results that indicate the need to apply a Host Profile? (Choose two.)
A. Non-compliant
B. Inconsistent
C. Unknown
D. Disconnected
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation: Check Compliance You can confirm the compliance of a host or cluster to its attached Host Profile and determine which, if any, configuration parameters on
a host are different from those specified in the Host Profile.
Procedure
1 Navigate to a Host Profile. The Objects tab lists all Host Profies, the number or hosts attached to that Host Profile, and summarized results of the last compliance check.
2 Click the Check Host Profile Compliance icon ( ).
In the Objects tab, the compliance status is updated as Compliant, Unknown, or Non-compliant. A non-compliant status indicates a discovered and specific inconsistency
between the profile and the host. To resolve this, you should remediate the host. And unknown status indicates that the compliance of the host could not be verified; to
resolve the issue, remediate the host through the Host Profile.
Reference: https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-host-profiles-guide.pdf
QUESTION 188
An administrator is using Auto Deploy to create several ESXi 6.x hosts that will be connected to a vSphere Distributed Switch. After the hosts are deployed, the
administrator notices that LACP packets are not being sent between them.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: LACP Limitations on a vSphere Distributed Switch
Link Aggregation Control Protocol (LACP) on a vSphere distributed switch allows network devices to negotiate automatic bundling of links by sending LACP packets to a
peer. However, there are some limitations when using LACP with a vSphere distributed switch.
■ LACP only works with IP Hash load balancing and Link Status Network failover detection.
■ LACP is not compatible with iSCSI software multipathing.
■ vSphere only supports one LACP group per distributed switch, and only one LACP group per host.
■ LACP settings do not exist in host profiles.
■ LACP between two nested ESXi hosts is not possible.
■ LACP does not work with port mirroring.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-3FDE1E96-9217-4FE6-8B76-6E3A64766828.html
QUESTION 189
An administrator plans to use VMware Converter Standalone to convert a virtual machine to a vSphere environment. The source virtual machine has these properties:
Running Windows 2008 R2
Contains one NTFS formatted volume
During conversion, how many virtual disks can the administrator add to the destination virtual machine?
A. 0
B. 1
C. 2
D. 3
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
After adding virtual disk on Windows 2008 and Windows 2008 R2, you cannot make disk online
Windows 2008 and Windows 2008 R2 virtual machine is configured with Virtual Hardware version 7
You see this error within Windows under Disk Management:
The disk is offline because of policy set by an administrator so the virtual disk will show 0.
Make disk online how follow the KB: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2000767
QUESTION 190
An administrator needs to migrate a legacy physical application server to a virtual machine within a vSphere 6 cluster. As part of the conversion, the administrator must
reduce the size of the virtual disks.
What action should the administrator take to create a virtual machine with smaller virtual disks than the original physical server?
A. Shut down the physical server and use VMware Converter cold cloning with volume-based cloning at the disk level.
B. Use VMware Converter hot cloning with volume-based cloning at the block level.
C. Shut down the physical server and use VMware Converter cold cloning with volume-based cloning at the file level.
D. Use VMware Converter hot cloning with volume-based cloning at the file level.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation: When reducing the disk volume size, the cloning operation switches from a Block level clone to a File level clone operation, meaning each individual file on
the filesystem is copied over to the virtual machines hard drive rather than a block by block image of the drive.
This can cause issues if the filesystem on the source machine is not in good health (for example, if it is severely fragmented, the physical drive has unrecorded bad
sectors, or system files are damaged or missing in the index tables of the NTFS file system).
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1014872
QUESTION 191
An administrator needs to recover disk space on a previously-used thin provisioned virtual disk. The volumes where the administrator needs to recover the disk blocks are
on VAAI-compliant storage arrays.
Which two actions should the administrator take accomplish this task? (Choose two.)
A. Perform a Storage vMotion to another volume in order to force free space recovery to occur. This recreates the volume in a new location and recovers all unused
space.
B. Use VMware Converter to migrate the virtual machine to a new datastore. This will recreate the volumes and recover all unused space.
C. Issue the vmkfstools -vmfs unmap command within the VMFS volume directory on the ESXi host console.
D. Execute the esxcli storage vmfs unmap command.
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
To reclaim unused storage blocks on a VMFS datastore for a thin-provisioned device, run this command:
esxcli storage vmfs unmap --volume-label=volume_label|--volume-uuid=volume_uuid --reclaim-unit=number
The command takes these options:
-l|--volume-label=volume_label
The label of the VMFS volume to UNMAP. This is a mandatory argument. If you specify this argument, do not use -u|--volume-uuid= volume_uuid.
-u|--volume-uuid=volume_uuid
The UUID of the VMFS volume to UNMAP. This is a mandatory argument. If you specify this argument, do not use -l|--volume-label= volume_label.
-n|--reclaim-unit=number
The number of VMFS blocks to UNMAP per iteration. This is an optional argument. If it is not specified, the command uses a default value of 200.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2057513
QUESTION 192
Refer to the Exhibit.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Scaling out (not up) your VMs ie: Don’t have one 8 vCPU SQL DB server, use 4 smaller 2vCPU VMs
If there is resource contention, RP-QA receives 4GHz and 2GB of memory, and RP-Marketing 2GHz and 1GB.
Otherwise, they can receive more than this allotment. Those resources are then available to the virtual machines in the respective resource pools.
So now you know better than to use reservations to solve CPU contention.
https://pubs.vmware.com/vsphere-6.0
QUESTION 193
An administrator wants to set a non-default isolation address of 192.168.1.2 for High Availability.
A. Das.isolationaddress0=192.168.1.2
B. Das.useisolationaddress0=192.168.1.2
C. Das.defaultisolationaddress0=192.168.1.2
D. Das.haisolationaddress0=192.168.1.2
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Details
In VirtualCenter Server 2.0.2 and above, you can specify more than one isolation response address for VMware High Availability (HA). The use of multiple isolation
response addresses offers VMware HA a potentially more accurate picture of the network connectivity of a host. There may be situations in which a single isolation
address would indicate that a host is in a state of complete isolation from the network, but access to additional isolation addresses would show that only a partial network
failure has occurred.
Solution
Multiple isolation response addresses can be specified using the das.isolationaddress0 through das.isolationaddress9options.
Similarly, you can set more isolation response addresses using das.isolationaddress1 throughdas.isolationaddress9.
6. In the Advanced Options (HA) dialog box, set this option:
Option: das.usedefaultisolationaddress
Value: false
Notes:
You must set this option if you are setting multiple isolation response addresses.
Additionally you should configure das.usedefaultisolationaddress to false when the default gateway is a device which cannot be pinged.
7. Click OK.
8. Click OK.
9. Edit settings for the cluster again.
10. Disable HA and click OK.
11. Edit settings again.
12. Enable HA and click OK.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1002117
QUESTION 194
How does vSphere High Availability calculate the memory slot size of a virtual machine?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Virtual machine memory reservation + overhead of largest virtual machine
Metrics Example: Suppose if :
Memory (2048MB)
Memory Overhead (110.63MB)
The first one, Memory, is an easy one. This is the amount of memory you provisioned your VM with, in this case 2048MB. The second field is Memory Overhead. Memory
Overhead is the amount of memory the VMkernel thinks it will need to run the virtualized workload, in this case 110.63MB. This typicall would include things like page
tables, frame buffers etc.
https://www.vmware.com/files/pdf/.../VMware-PerfBest-Practices-vSphere6-0.pdf
QUESTION 195
Refer to the Exhibit.
An administrator receives the error message shown in the Exhibit.
Which two actions can be taken to clear the warning? (Choose two.)
A. Add a Virtual SAN datastore and configure it for High Availability heartbeating.
B. Set the advanced High Availability parameter Das.heartbeatdsperhost to 1.
C. Set the advanced High Availability parameter Das.ignoreInsufficientHbDatastore to true.
D. Add a shared datastore and reconfigure High Availability.
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
To disable the HA error message:
7. Log in to vCenter Server.
8. Right-click the cluster and click Edit Settings.
9. Click vSphere HA > Advanced Options.
10. Under Option, add an entry for das.ignoreInsufficientHbDatastore.
11. Under Value, type true.
12. Click Cluster Features.
13. De-select Turn on vSphere HA and click OK.
14. Wait for all the hosts in the cluster to deconfigure HA, then right-click the cluster and click Edit Settings.
15. Click Cluster Features.
16. Click Turn on vSphere HA.
17. Click OK.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2004739
QUESTION 196
In a vSphere High Availability cluster, what is the VM Monitoring I/O stats interval default value?
A. 60 seconds
B. 90 seconds
C. 120 seconds
D. 180 seconds
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation: The I/O stats interval determines if any disk or network activity has occurred for the virtual machine during the previous two minutes (120 seconds). If not, the
virtual machine is reset. This default value (120 seconds) can be changed using the advanced attribute das.iostatsinterval.
Reference: https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.avail.doc_50%2FGUID-62B80D7A-C764-40CB-AE59-752DA6AD78E7.html
QUESTION 197
An administrator enables High Availability (HA) on a Virtual SAN cluster.
There are four vmkernel port groups with the following IP addresses assigned:
Management: 192.168.12.10
vMotion: 192.168.13.10
Virtual SAN: 192.168.14.10
Fault TolerancE. 192.168.15.10
A. 192.168.12.10
B. 192.168.13.10
C. 192.168.14.10
D. 192.168.15.10
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Give the VMKernel port a label (e.g. iSCSI - if it will purley be used for iSCSI).
Enter the VLAN ID if the pNICs connected to the vSwitch are trunk ports and you have a specific VLAN for this traffic (e.g. a dedicated storage VLAN).
Now if the port will only be used for storage services (iSCSI and NFS),.
If the port will be used for all VMkernel services (iSCSI, NFS, vMotion and FT), tick the additional boxes to allow this port to be used also for those services,
Assigned the FT (IP Address)
Clustering is configured to give you, the administrator of an environment, a form of fault tolerance, and VMware has taken this concept to a whole other level. Although
VMware does not call FT clustering, it functions the same in that FT will failover the primary virtual machine to a secondary virtual machine. VMware Fault Tolerance (FT)
is based on vLockstep technology and provides zero downtime, zero data loss, and continuous availability for your applications.
Next,
• Always assign a reasonably high relative share for the Fault Tolerance
resource pool because FT is a very latency-sensitive traffic type.
QUESTION 198
An administrator wants to configure a High Availability cluster to allow virtual machines a 10 minute window to shut down in the event of a Host Isolation incident.
What two configuration settings would satisfy this requirement? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
das.isolationShutdownTimeout
The number of seconds an FDM waits for a virtual machine to power off after initiating a guest shutdown before the FDM issues a power off. If the option is unset, 300s is
used.
Reference: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2033250
QUESTION 199
A vSphere 6 High Availability cluster has been configured with default settings. Four virtual machines in the cluster have been configured with these priorities:
Prod-DB. High
Prod-Email: High
Prod-VC. Medium
Dev-VDI: Low
How many VM Overrides would need to be defined at the cluster level to meet the restart priorities?
A. 1
B. 2
C. 3
D. 4
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
After you create a vSphere HA cluster, you can override the default cluster settings for Restart Priority and Isolation Response for specific virtual machines. Such
overrides are useful for virtual machines that are used for special tasks. For example, virtual machines that provide infrastructure services like DNS or DHCP might need
to be powered on before other virtual machines in the cluster.
VM Overrides the default or defined to meet the restart priorities : 2 are HIGH and medium, low respectively hence its 2 overrides at cluster level.
https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-availability-guide.pdf
QUESTION 200
Which two settings are required for Virtual Machine Component Protection (VMCP) to protect from All Paths Down (APD) and Permanent Device Loss (PDL)? (Choose
two.)
A. Host Monitoring
B. VM Restart Priority
C. Virtual machine Monitoring
D. Response for Host Isolation
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: If either the Host Monitoring or VM Restart Priority settings are disabled, VMCP cannot perform virtual machine restarts. Storage health can still be monitored
and events can be issued,
Reference:
https://pubs.vmware.com/vsphere60/index.jsp?topic=%2Fcom.vmware.vsphere.avail.doc%2FGUID-F01F7EB8-FF9D-45E2-A093-5F56A788D027.html
QUESTION 201
Which two options are available in the Virtual Machine Component Protection (VMCP) setting Response for Datastore with All Paths Down (APD)? (Choose two.)
A. Issue Events
B. Power off and restart virtual machines
C. Reset virtual machines
D. Leave Powered On
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
PDL failures
A virtual machine is automatically failed over to a new host unless you have configured VMCP only to Issue events.
APD events
The response to APD events is more complex and accordingly the configuration is more fine-grained.
After the user-configured Delay for VM failover for APDperiod has elapsed, the action taken depends on the policy you selected. An event will be issued and the
virtual machine is restarted conservatively or aggressively. The conservative approach does not terminate the virtual machine if the success of the failover is unknown,
for example in a network partition. The aggressive approach does terminate the virtual machine under these conditions. Neither approach terminates the virtual
machine if there are insufficient resources in the cluster for the failover to succeed.
If APD recovers before the user-configured Delay for VM failover for APD period has elapsed, you can choose to reset the affected virtual machines, which recovers
the guest applications that were impacted by the IO failures.
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.avail.doc%2FGUID-F01F7EB8-FF9D-45E2-A093-5F56A788D027.html
QUESTION 202
Which two statements regarding Distributed Resource Scheduler (DRS) affinity rules are true? (Choose two.)
A. When two VM-VM affinity rules conflict, the older one takes precedence and the newer rule is disabled.
B. Using Specify Failover Hosts admission control policy, VM-VM affinity rules are not supported.
C. DRS gives higher precedence to preventing violations of anti-affinity rules than violations of affinity rules.
D. It is not possible to create an affinity rule that conflicts with the other rules being used.
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
Explanation: VM-VM Affinity Rule Conflicts
You can create and use multiple VM-VM affinity rules, however, this might lead to situations where the rules conflict with one another.
If two VM-VM affinity rules are in conflict, you cannot enable both. For example, if one rule keeps two virtual machines together and another rule keeps the same two
virtual machines apart, you cannot enable both rules. Select one of the rules to apply and disable or remove the conflicting rule.
When two VM-VM affinity rules conflict, the older one takes precedence and the newer rule is disabled. DRS only tries to satisfy enabled rules and disabled rules are
ignored. DRS gives higher precedence to preventing violations of anti-affinity rules than violations of affinity rules.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.resmgmt.doc/GUID-69C738B6-5FC8-4189-9CB5-DD90A5A05979.html
QUESTION 203
Refer to the Exhibit.
An administrator has configured Distributed Resource Scheduler (DRS) groups and Affinity Rules as shown in the Exhibit.
Based on the exhibit, which two statements are true? (Choose two.)
A. If ESXi-A and ESXi-D failed, VM-A and VM-B would not failover.
B. A new conflicting affinity rule will be disabled by default.
C. VM-B and VM-D can run on the same hosts.
D. The administrator must disable Rule3 in order to enable Rule4.
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation : B-) NOTE If you use the Specify Failover Hosts admission control policy and designate multiple failover hosts, DRS does not attempt to enforce VM-VM
affinity rules for virtual machines that are running on failover hosts.
D-) vSphere HA and DRS Affinity Rules If you create a DRS affinity rule for your cluster, you can specify how vSphere HA applies that rule during a virtual machine
failover. The two types of rules for which you can specify vSphere HA failover behavior are the following: n VM anti-affinity rules force specified virtual machines to remain
apart during failover actions. n VM-Host affinity rules place specified virtual machines on a particular host or a member of a defined group of hosts during failover actions.
When you edit a DRS affinity rule, select the checkbox or checkboxes that enforce the desired failover behavior for vSphere HA. n HA must respect VM anti-affinity rules
during failover -- if VMs with this rule would be placed together, the failover is aborted.
https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-availability-guide.pdf
QUESTION 204
An administrator wants to prevent a priority virtual machine that resides in a vSphere DRS cluster from migrating to other hosts in the cluster.
What configuration step will accomplish this without affecting other virtual machines?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Option / Description
Manual
Placement and migration recommendations are displayed, but do not run until you manually apply the recommendation.
Manual
Placement and migration recommendations are displayed, but do not run until you manually apply the recommendation.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.resmgmt.doc%2FGUID-E83A6B62-37F8-46D0-8D0A-
QUESTION 205
Refer to the Exhibit.
The Prod-DB virtual machine has a VM Override as shown in the Exhibit.
What step, it taken, would require all virtual machines in the cluster to migrate automatically?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 206
Refer to the Exhibit.
An administrator reviews the Health of a virtual machine, as shown in the Exhibit.
Based on the exhibit, which three metrics can be used to determine the virtual machine's Workload characteristics? (Choose three.)
A. CPU
B. Memory
C. Network IO
D. Threads
E. vNUMA Stats
Explanation/Reference:
Explanation:
Virtual Machine Alert Definitions
The vCenter adapter provides alert definitions that are generated on the virtual machines in your environment.
Health/Symptom-based
These alerts have the following impact and criticality information.
Check the Link for detailed info: http://pubs.vmware.com/vrealizeoperationsmanager-61/index.jsp?topic=%2Fcom.vmware.vcom.core.doc%2FGUID-746FD64E-3380-
44A6-A154-0BC63B4624F0.html
QUESTION 207
Refer to the Exhibit.
An administrator wants to increase the capacity of a VMFS5 datastore; but the Increase Size by slider is not available, as shown in the Exhibit.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Procedure
1.Select the datastore to grow and click the Increase Datastore Capacity icon.
2.Select a device from the list of storage devices.
Your selection depends on whether an expandable storage device is available.
Choose the options from Drop down menu list:
Check the link: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc%2FGUID-D57FEF5D-75F1-433D-B337-E760732282FC.html
QUESTION 208
Refer to the Exhibit.
An administrator recently created a Virtual SAN but no Storage Policies were defined. A few virtual machines were deployed to this cluster. The administrator analyzes the
default Virtual SAN policy as shown in the Exhibit.
Based on the exhibit, which two statements are true? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Policies Rules: Defines the number of host, disk, or network failures a virtual machine object can tolerate. For n failures tolerated, n+1 copies of the virtual machine object
are created and 2n+1 hosts with storage are required.
Default value is 1. Maximum value is 3.
To understand more check the link: https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc%2FGUID-C8E919D0-9D80-4AE1-826B-
D180632775F3.html
QUESTION 209
Refer to the Exhibit.
A Storage Policy for a Virtual SAN is set to the default policy, as shown in the Exhibit.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
The new policy is added to the list.
What to do next:
Apply this policy to a virtual machine and its virtual disks. Virtual SAN will place the virtual machine objects in accordance with the requirements specified in the policy. For
information about using and editing storage policies, see About Virtual Machine Storage Policies.
Also Check:
Policies Rules: Defines the number of host, disk, or network failures a virtual machine object can tolerate. For n failures tolerated, n+1 copies of the virtual machine object
are created and 2n+1 hosts with storage are required.
Default value is 1. Maximum value is 3.
To understand more check the link: https://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.storage.doc%2FGUID-C8E919D0-9D80-4AE1-826B-
D180632775F3.html
QUESTION 210
Refer to the Exhibit.
A. Devices
B. Properties
C. Paths
D. Advanced Options
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
To know the detailed info about the tab:
If you go to Host > Configuration > Storage, you can see the Hardware Acceleration Status in the panel on the right side.
For each storage device and datastore, the vSphere Client displays the hardware acceleration support status in the Hardware Acceleration column of the Devices view
and the Datastores view.
The status values are Unknown, Supported, and Not Supported. The initial value is Unknown. The status changes to Supportedafter the host successfully performs the
offload basic operations. If the offload operation fails, the status changes to Not Supported.
Check link KB: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1021976
QUESTION 211
Refer to the Exhibit.
An administrator is troubleshooting intermittent poor performance of virtual machines in a vSphere 6.x cluster. Investigating esxtop data shows that the only statistic that
stands out is %CSTP as depicted in Exhibit 1:
The administrator proceeds to switch to the Power Management screen and observes the data depicted in Exhibit 2:
Based on the information in the exhibits, which two configurations are probable causes of the poor performance? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation: A and B
Analyzing esxtop columns
Refer to this table for relevant columns and descriptions of these values:
Column Description
CMDS/s
This is the total amount of commands per second and includes IOPS (Input/Output Operations Per Second) and other SCSI commands such as SCSI reservations, locks,
vendor string requests, unit attention commands etc. being sent to or coming from the device or virtual machine being monitored.
In most cases, CMDS/s = IOPS unless there are a lot of metadata operations (such as SCSI reservations)
DAVG/cmd This is the average response time in milliseconds per command being sent to the device.
KAVG/cmd This is the amount of time the command spends in the VMkernel.
GAVG/cmd This is the response time as it is perceived by the guest operating system. This number is calculated with the formula: DAVG + KAVG = GAVG
Link: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1008205
And, BIOS:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1018206
QUESTION 212
An administrator has recently configured HA on a cluster. After reviewing the summary tab on one of the hosts, the warning in Exhibit 1 is displayed:
The administrator proceeds to view the management network port group data shown in Exhibit 2:
The administrator then views the management network vSwitch as shown in Exhibit 3:
Based on the exhibits, which two steps should be taken to ensure redundancy on the management network? (Choose two.)
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
Explanation: A and D
Use Load Balancing and Failover policies to determine how network traffic is distributed between adapters and how to reroute traffic in the event of an adapter failure.
The Failover and Load Balancing policies include the following parameters:
Load Balancing policy: The Load Balancing policy determines how outgoing traffic is distributed among the network adapters assigned to a standard switch. Incoming
traffic is controlled by the Load Balancing policy on the physical switch.
Failover Detection: Link Status/Beacon Probing
Network Adapter Order (Active/Standby)
In some cases, you might lose standard switch connectivity when a failover or failback event occurs. This causes the MAC addresses used by virtual machines associated
with that standard switch to appear on a different switch port than they previously did. To avoid this problem, put your physical switch in portfast or portfast trunk mode.
Link: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-D5EA6315-5DCD-463E-A701-B3D8D9250FB5.html
QUESTION 213
Refer to the Exhibit.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
For sharing a volume across hosts, a VMFS volume is bound to its underlying block device storage. When a low level block copy is performed to copy or move the VMFS
volume, the copied volume will be unbound.
When using Broadcom network interfaces with Hardware iSCSI Offload capabilities such as BCM5709 and BCM57711, each of the network interfaces shows up as
individual storage adapters in the Configuration tab of an ESX host and each adapter also has an individual IQN. However, when you configure the adapter for iSCSI, you
observe these symptoms:
QUESTION 214
Refer to the Exhibit.
-- Exhibit --
Review the Exhibit. An administrator has configured permissions for a group called VMGroup and a user named VMUser. A new Role has been created called PowerVM.
The group and role have these charecteristics:
PowerVM role can power on VMs
VMGroup granted PowerVM role on VMFolder
VMUser is a member of VMGroup
VMUser granted No Access on VMFolder
Based on the exhibit, which statement best explains why VMUser is denied access to the VMFolder?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
User Permissions Overriding Group Permissions:
This example illustrates how permissions assigned directly to an individual user override permissions assigned to a group that the user is a member of.
In this example, permissions are assigned to a user and to a group on the same object.
Role 1 can power on virtual machines.
Group A is granted Role 1 on VM Folder.
User 1 is granted No Access role on VM Folder.
User 1, who belongs to group A, logs on. The No Access role granted to User 1 on VM Folder overrides the group permission. User 1 has no access to VM Folder or VMs
A and B.
Example 3: User Permissions Overriding Group Permissions
https://pubs.vmware.com/vsphere-60
The setting in vSphere is a property of the ESX(i) host, found within the configuration tab in the Virtual Machine Startup/Shutdown options section.
A VM startup sequence can be set with timing for each host.
The properties section will allow the startup options to be configured. It is a good idea to shorten their startup time if the hosts power up and are ready to go. This may not
be the case with SAN or NAS systems in use, which may take more time to start up.
Check the power state of the virtual machine with the command:
vim-cmd vmsvc/power.getstate <vmid>
QUESTION 215
Refer to the Exhibit.
An administrator would like to add Challenge Handshake Authentication Protocol (CHAP) to an iSCSI adapter. The administrator accesses the Storage Adapters menu as
shown in the Exhibit.
A. Properties
B. Advanced Options
C. Targets
D. Devices
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation: Procedure
1 Access the iSCSI Initiator Properties dialog box.
2 On the General tab, click CHAP.
3 To configure one-way CHAP, under CHAP specify the following:
a. Select the CHAP security level.
■ Do not use CHAP unless required by target (software and dependent hardware iSCSI only)
■ Use CHAP unless prohibited by target
■ Use CHAP (software and dependent hardware iSCSI only). To configure mutual CHAP, you must select this option.
c. Enter a one-way CHAP secret to be used as part of authentication. Use the same secret that you enter on the storage side.
4. To configure mutual CHAP, first configure one-way CHAP by following the directions in Step 3.
Make sure to select Use CHAP as an option for one-way CHAP. Then, specify the following under Mutual CHAP:
a. Select Use CHAP.
b. Specify the mutual CHAP name.
c. Enter the mutual CHAP secret. Make sure to use different secrets for the one-way CHAP and mutual CHAP.
5. Click OK.
6. Rescan the initiator.
Reference: https://pubs.vmware.com/vsphere-51/index.jsp#com.vmware.vsphere.storage.doc/GUID-488A90C3-4826-4EB7-BAA4-E9C799AA2C02.html
QUESTION 216
Refer to the Exhibit.
An administrator receives an error on a vSphere cluster as shown in the Exhibit.
Based on the exhibit, which three configuration changes can resolve the error? (Choose three.)
Explanation/Reference:
Explanation: A,B&C
vSphere HA Admission Control
vCenter Server uses admission control to ensure that sufficient resources are available in a cluster to provide failover protection and to ensure that virtual machine
resource reservations are respected.
Three types of admission control are available.
Host Ensures that a host has sufficient resources to satisfy the reservations of all virtual machines running on it. Resource Pool Ensures that a resource pool has sufficient
resources to satisfy the reservations, shares, and limits of all virtual machines associated with it. vSphere HA Ensures that sufficient resources in the cluster are reserved
for virtual machine recovery in the event of host failure.
Link:
https://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.vsphere.avail.doc_50/GUID-53F6938C-96E5-4F67-9A6E-479F5A894571.html
QUESTION 217
Refer to the Exhibit.
An administrator manages a High Availability (HA)/Distributed Resource Scheduler (DRS)-enabled cluster and has configured the affinity rule shown in the Exhibit.
Which two statements best describe the configuration shown in the exhibit? (Choose two.)
A. HA will not failover Marketing to ESXi hosts that are not in the Host Group.
B. HA will failover Marketing to ESXi hosts that are not in the Host group.
C. DRS will attempt to keep Marketing on the ESXi host 10.21.38.106.
D. DRS will not attempt to keep Marketing on the ESXi host 10.21.28.106.
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation: B & D
As per exhibit Rule settings:
VM-Host Affinity Rules
A VM-Host affinity rule specifies whether or not the members of a selected virtual machine DRS group can run on the members of a specific host DRS group.
Unlike a VM-VM affinity rule, which specifies affinity (or anti-affinity) between individual virtual machines, a VM-Host affinity rule specifies an affinity relationship between a
group of virtual machines and a group of hosts. There are 'required' rules (designated by "must") and 'preferential' rules (designated by "should".)
A VM-Host affinity rule includes the following components.
One virtual machine DRS group.
One host DRS group.
A designation of whether the rule is a requirement ("must") or a preference ("should") and whether it is affinity ("run on") or anti-affinity ("not run on").
Because VM-Host affinity rules are cluster-based, the virtual machines and hosts that are included in a rule must all reside in the same cluster. If a virtual machine is
removed from the cluster, it loses its DRS group affiliation, even if it is later returned to the cluster.
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.resmgmt.doc%2FGUID-2FB90EF5-7733-4095-8B66-F10D6C57B820.html
QUESTION 218
Refer to the Exhibit.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
PoRT 22 SSH on ESXi allowed :
“Allow connections from any IP address,” or, you can select “Only allow connections from the following networks” and enter an IP address or subnet. You can enter
multiple IP addresses and subnets, separated with a comma.
By default, there is a set of predefined firewall rules that can be enabled/disabled for the ESXi host from the vSphere Client.
These firewall services can be enabled/disabled for the defined ports (UDP/TCP) from the vSphere Client. However, if you need to enable the service on a protocol that is
not defined, you must create new firewall rules from the command line.
For example, the DNS Client service can be enabled/disabled only on UDP port 53.
To enable DNS for TCP:
Open an SSH connection to the host. For more information, see Using ESXi Shell in ESXi 5.0 and 6.0 (2004746).
List the firewall rules by running the command:
# esxcli network firewall ruleset list
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2008226
QUESTION 219
Which two statements are true regarding upgrading from a Distributed vCenter Server 5.x to vCenter Server 6.x? (Choose two.)
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
vCenter Server and vCenter Single Sign-On are the only services that are not migrated. vCenter Single Sign-On instances are upgraded in place to become part of an
external Platform Services Controller if they are deployed on a system other than the system where the vCenter Server resides.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc%2FGUID-4BFB12D8-9FCA-4AB1-A44F-2986966F0AD5.html
QUESTION 220
An administrator needs to configure a storage solution for a vSphere 6.x implementation with these characteristics:
● Snapshot support
● vMotion Capability
● Clustering across multiple ESXi hosts
● Database application with high transaction count
● vFlash Read Cache
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 221
An administrator has a virtual machine (VM) that uses a shared USB device.
Which option will allow the VM to utilize vMotion while retaining the maximum possible functionality?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 222
An administrator is configuring an identity source for Single Sign-On. The administrator will use the machine that Single Sign-on is running on, but does not want all users
on the machine to be visible to SSO.
Which identity Source meets this requirement?
A. LocalOS
B. Active Directory as an LDAP service
C. OpenLDAP
D. Active Directory (Integrated Windows Authentication)
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 223
An administrator is building a large virtual machine that will require as many vCPUs as the host can support. An ESXi 6.x host has these specifications:
Four 24-core Intel Xeon Processors
256 GB of Memory
512 GB Local disk space using VMFS5
What is the maximum number of virtual CPUs that the virtual machine can be allocated?
A. 64
B. 96
C. 128
D. 192
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://www.vmware.com/pdf/vsphere6/r60/vsphere-60-configuration-maximums.pdf page 9
QUESTION 224
An administrator has noticed that virtual machine VM2 in the vApp show in the Exhibit is demonstrating poor performance.
Which three changes, if performed separately, would improve the performance of VM2? (Choose three.)
Explanation/Reference:
QUESTION 225
An administrator wants to configure an ESXi 6.x host to use Active Directory (AD) to manage users and groups. The AD domain group ESX Admins was previously
created.
Which two conditions should be considered when planning this configuration? (Choose two.)
A. If administrative access for ESX Admins is not desired, an alternate AD group must be used.
B. The users in ESX Admins are granted administrative privileges in vCenter Server.
C. The users in ESX Admins are not restricted by Lockdown Mode.
D. An ESXi host provisioned with Auto Deploy cannot store AD credentials.
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 226
To reduce the attack vectors for a virtual machine, which two settings should an administrator set to false? (Choose two.)
A. keyboard.present
B. vmnicX:Y.present
C. ideX:Y.present
D. serial.present
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Removing Unnecessary Hardware Devices
Any enabled or connected device represents a potential attack channel. Users and processes without privileges on a virtual machine can connect or disconnect hardware
devices, such as network adapters and CD-ROM drives. Attackers can use this capability to breach virtual machine security. Removing unnecessary hardware devices
can help prevent attacks.
Use the following guidelines to increase virtual machine security.
Reference:
https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-822B2ED3-D8D2-4F57-8335-CA46E915A729.html
QUESTION 227
An administrator is implementing a vSphere 6.x environment containing one vCenter and five ESXi hosts. The administrator has just finished deploying the vCenter Server
appliance with an embedded Platform Services Controller (PSC) and need to ensure that default security certificates within the vSphere 6.x environment are replaced with
new certificates.
What should the administrator do to complete this task the least administrative effort?
A. Replace the VMCA root certificate before adding the ESXi hosts to vCenter Server.
B. Create ESXi host security certificates using the SSL. Thumbprint mode to ensure consistency among all hosts.
C. Add the ESXi hosts to vCenter Server before updating the VMCA root certificate on the PSC.
D. Make VMCA an Intermediate Certificate Authority to ensure each added ESXi hosts receives the same certificate.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 228
Which two conditions would prevent an administrator from upgrading an existing vCenter Server Appliance to vSphere 6.x? (Choose two.)
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 229
An administrator as creating a new Content Library. It will subscribe to another remote Content Library without authentication enabled. Optimal performance is desired for
the configuration.
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 230
Click the Exhibit.
Which three conditions would explain the error? (Choose three.)
Explanation/Reference:
QUESTION 231
The Prod-DB virtual mavhine has a VM Override as shown in the Exhibit:
What step, if taken, would require all virtual machines in the cluster to migrate automatically?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 232
When operating with Distributed Resource Scheduler (DRS) and Distributed Power Management (DPM), what two statements explain the impact of disabling vSphere
High Availability admission control? (Choose two.)
A. DRS will evacuate virtual machines from hosts and places in maintenance or standby modes regardless of the impact this might have on failover requirements.
B. Vmware DPM will place hosts in standby mode even if doing so violates failover requirements.
C. DRS does not evacuate virtual machines from a host for the purpose of placing it in maintenance or standby modes if placing the host in this state would violate
failover requirements.
D. VMware DPM does not place hosts in standby mode if doing so would violate failover requirements.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 233
Which VMware Single Sign-On component handles STS authentication requests?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-90C1E3DC-4397-4BF0-808E-DF3802E56BC6.html
QUESTION 234
An administrator observes that virtual machine storage activity on an ESXi 6.x host is negatively affecting virtual machine storage activity on another host that is accessing
the same VMFS Datastore.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 235
An administrator needs to migrate a very large virtual machine to vCloud Air from a branch office.
Which two components can be used to meet this requirement? (Choose two)
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vcloud-air/vcloud-air-faq.pdf
QUESTION 236
What would prevent VMware Convertor from initiating the VMware tools install during a windows server conversion?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference: