VMware 3v0-22-21 practice test

Advanced Deploy VMware vSphere 7.x Exam


Question 1

The security team has decided to follow the VMware-recommended best practices in the vSphere
hardening guide.
esxi02b:
Your first task is to create a local user in esxi02b:
Name: SpecialUser
Role: Administrator
Your second task is to ensure that SpecialUser is the ONLY user who is able to SSH into esxi02b via
Putty.
Your final task is to enforce a strict lockdown on esxi02b.
Your second task is to ensure that SpecialUser is the ONLY user who is able to SSH into esxi02b via
Putty.
Your final task is to enforce a strict lockdown on esxi02b.

Answer:

See the
solution below

Explanation:
Authentication and authorization govern access.vCenter Single Sign-Onsupports authentication,
which means it determines whether a user can access vSphere components at all. Each user must
also be authorized to view or manipulate vSphere objects.
vSphere supports several different authorization mechanisms, discussed in
Understanding
Authorization in vSphere
. The focus of the information in this section is how thevCenter
Serverpermission model works and how to perform user management tasks.
vCenter Serverallows fine-grained control over authorization with permissions and roles. When you
assign a permission to an object in thevCenter Serverobject hierarchy, you specify which user or
group has which privileges on that object. To specify the privileges, you use roles, which are sets of
privileges.
Initially, only the administrator user for the vCenter Single Sign-On domain,
[email protected] by default, is authorized to log in to thevCenter Serversystem. That
user can then proceed as follows:
Add an identity source in which users and groups are defined tovCenter Single Sign-On. See
thePlatform Services Controller Administrationdocumentation.
Give privileges to a user or group by selecting an object such as a virtual machine or avCenter
Serversystem and assigning a role on that object for the user or group.

Discussions

Question 2

You have just deployed a new vCenter Server Appliance. Vcsa0l
a. and are required to back up to configuration after deployment. To complete this task, perform an
unencrypted backup of the vCenter Server Appliance using the following details:
Use the FTP protocol to backup the appliance
FTP Server Location: 172.20.10.10/
FTP Username: administrator
FTP Password: VMware1!
Note: Make sure you include the / at the end of the Server Location

Answer:

See the

Explanation:
Prerequisites
You must have an FTP, FTPS, HTTP, HTTPS, or SCP server up and running with sufficient disk space to
store the backup.
Dedicate a separate folder on your server for each file-based backup.
Procedure
In a Web browser, go to thevCenter Server ApplianceManagement Interface,
https://appliance-IP-
address-or-FQDN:5480
.
Log in as root.
In thevCenter Server ApplianceManagement Interface, clickSummary.
ClickBackup.
TheBackup Appliancewizard opens.
Enter the backup protocol and location details.
D
e
s
c
r
O
i
p
p
t
t
i
i
o
o
n
n
B
S
a
e
c
l
k
e
u
c
p
t
t
p
h
r
e
o
t
p
o
r
c
o
o
t
l
o
c
o
l
t
o
u
s
e
t
o
c
o
n
n
e
c
t
t
o
y
o
u
r
b
a
c
k
u
p
s
e
r
v
e
r
.
Y
o
u
c
a
n
s
e
l
e
c
t
F
T
P
,
F
T
P
S
,
H
T
T
P
,
H
T
T
P
S
,
o
r
S
C
P
.
F
o
r
F
T
P
,
F
T
P
S
,
H
T
T
P
,
o
r
H
T
T
P
S
t
h
e
p
a
t
h
i
s
r
e
l
a
t
i
v
e
t
o
t
h
e
h
o
m
e
d
i
r
e
c
t
o
r
y
c
o
n
f
i
g
u
r
e
d
f
o
r
t
h
e
s
e
r
v
i
c
e
.
F
o
r
S
C
P
,
t
h
e
p
a
t
h
i
s
a
b
s
o
l
u
t
e
t
o
t
h
e
r
e
m
o
t
e
s
y
s
t
e
m
s
r
o
o
t
d
i
r
e
c
t
o
r
y
.
B
E
a
n
c
t
k
e
u
r
p
t
h
l
e
o
c
s
a
e
t
r
i
v
o
e
n
r
a
d
d
r
e
s
s
a
n
d
b
a
c
k
u
p
f
o
l
d
e
r
i
n
w
h
i
c
h
t
o
s
t
o
r
e
t
h
e
b
a
c
k
u
p
f
i
l
e
s
.
P
E
o
n
r
t
t
e
r
t
h
e
d
e
f
a
u
l
t
o
r
c
u
s
t
o
m
p
o
r
t
o
f
t
h
e
b
a
c
k
u
p
s
e
r
v
e
r
.
U
E
s
n
e
t
r
e
n
r
a
a
m
e
u
s
e
r
n
a
m
e
o
f
a
u
s
e
r
w
i
t
h

w
r
i
t
e

p
r
i
v
i
l
e
g
e
s
o
n
t
h
e
b
a
c
k
u
p
s
e
r
v
e
r
.
P
E
a
n
s
t
s
e
w
r
o
t
r
h
d
e
p
a
s
s
w
o
r
d
o
f
t
h
e
u
s
e
r
w
i
t
h

w
r
i
t
e

p
r
i
v
i
l
e
g
e
s
o
n
t
h
e
b
a
c
k
u
p
s
e
r
v
e
r
.
(Optional)SelectEncrypt Backup Datato encrypt your backup file and enter a password for the
encryption.
If you select to encrypt the backup data, you must use the encryption password for the restore
procedure.
ClickNext.
On the Select parts to backup page, review the data that is backed up by default.
(Optional)SelectStats, Events, and Tasksto back up additional historical data from the database.
(Optional)In theDescriptiontext box, enter a description of the backup and clickNext.
On the Ready to complete page, review the summary information for the backup and clickFinish.
TheBackup Progresswindow opens and indicates the progress of the backup operation.
After the backup process finishes, clickOKto close theBackup Progresswindow.
Results
You successfully created a backup file of thevCenter Server Appliance.

Discussions

Question 3

A vSphere administrator has deployed a new server. The VM will have a workload which is prodApp1
to the following specifications:
The VM should never have any memory contention while powered on. even if the host that it
resides
Configure the virtual machine for high latency sensitivity.

Answer:

Send us your
suggestions.

Discussions

Question 4

A user has approached you about a virtual machine with the name infra-1 that is performing poorly
on the vCenter Server vcsa0l
a. In order to analyze the data offline, your team requires the esxtop data from the problem host
with the following requirements:
The esxtop data must be in CSV format
The data must contain 20 iterations with a delay
Once captured, copy the results CSV file from the destination datastore on the host to the Desktop of
the ControlCenter VM with the filename "esxiOlb-capture.csv'.
Note: WindSCP is installed on the Controller.

Answer:

See the

Explanation:
Do the following before you start to troubleshoot a problem using esxtop: 1. Log on to the VMware
Management Interface for the ESX Server machine in question. Refer to the online document,
Logging Into the VMware Management Interface, for details. In the status monitor, under Virtual
Machines, note the virtual machine IDs (or VMIDs) for all virtual machines running on the server.

2. Make certain you have an secure shell (SSH) client. Windows users can get a free SSH client from
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
. 3. If you have ESX Server
version 2.0.x, refer to the VMware Knowledge Base Answer ID 1078 for instructions on downloading
and installing the VMware performance monitoring tools, esxtop and vmkusage. ESX Server version
2.1 and higher include esxtop and vmkusage. See Using vmkusage to Isolate Performance Problems
on page 6 for a description of vmkusage. Starting esxtop Perform the following steps to start and set
up esxtop
1. Using a secure shell (SSH), log on to the ESX Server machine as root. 2. Enter esxtop in the SSH
command line. The esxtop display appears.

Note: The esxtop tool includes several interactive commands. To view a list of the interactive
commands, enter h. 3. Enter the f command. The Field Select page appears

4. Enter r to toggle on the SWPD field.
5. Press any key other than a through x to see the esxtop display again

Note: You can also run esxtop in batch mode. For example, use the command: [root]# esxtop -b -n
iterations > logfile. For detailed command reference information, enter man esxtop on the SSH
command line. Examining CPU Usage This section describes how to assess system CPU loading,
percentage of individual CPU use and individual virtual machine CPU use. Load Average Line Examine
the load average on the first line to determine the amount of use for all physical CPUs on the ESX
Server machine. The load averages are displayed for five-second, and one-, five- and fifteen-minute
intervals. A load average of 1.00 means that the ESX Server machines physical CPUs are fully
utilized, and a load average of 0.5 means they are half utilized. On the other hand, a load average of
2.00 means that you either need to increase the number of CPUs or decrease the number of virtual
machines running on the ESX Server machine because the system as a whole is overloaded.
PCPU Line Examine the PCPU line for the percentage of individual physical CPU use for CPU0 and
CPU1 respectively (for a dual-processor machine). The last value is the average percentage for all of
the physical CPUs. As a rule of thumb, 80.00% is a desirable usage percentage, but bear in mind that
different organizations have varying standards with respect to how close to capacity they run their
servers. 90% should be considered a warning that the CPUs are approaching an overloaded
condition.
You can enter the interactive c command to toggle the display of the PCPU line. If hyperthreading is
enabled, the LCPU line appears whenever the PCPU line is displayed. The LCPU line shows the logical
CPU use. Virtual Machine CPU Usage A virtual machine world is listed as vmm in the WTYPE column.
The world ID (WID) corresponds to the VMID in the VMware Management Interface Status Monitor
(see Getting Started on page 2). For virtual machines with one virtual CPU (VCPU), the VCPUID and
WID is the same. For virtual machines with two VCPUs, there are two VCPUIDs associated with one
WID. For example:

Use the WID and VMID values as cross references to identify a specific virtual machines display
name. Use the following steps to assess virtual machine CPU usage. 1. Examine the %READY field for
the percentage of time that the virtual machine was ready but could not get scheduled to run on a
physical CPU. Under normal operating conditions this value should remain under 5%. 2. Examine the
%USED field for the percentage of physical CPU resources used by a VCPU. If the physical CPUs are
running at full capacity, you can use %USED to identify a virtual machine that is using a large amount
of physical CPU resources. 3. Examine the %EUSED field for the percentage of the maximum physical
CPU resource usage a virtual machine is currently using. The %EUSED value is calculated as follows:
%EUSED = %USED *((# of VCPUs * 100)/ max) In this formula: # of VCPUs is the number of VCPUs
configured in a virtual machine. max is the maximum percentage of CPU resources allocated to a
virtual machine. The default is 100. The following table shows how %EUSED increases as the value of
max decreases for a virtual machine with a constant physical CPU usage of 40% (i.e., %USED = 40).

%EUSED is an useful indicator of how close a virtual machine is to saturating the physical CPUs. If a
virtual machine consistently saturates the physical CPUs (i.e., it uses 100% of the physical CPU
resources), you can fix it by either: Decreasing the number of virtual machines running on an ESX
Server machine.
Moving the virtual machine to a different ESX Server machine that has more physical CPU
resources, and increasing the value of max. Assessing Memory Usage Look at the percentage of
maximum memory actively used by a virtual machine listed in the %MEM column. Also, note the
amount of swapped memory used by a virtual machine listed the SWPD column. Using some swap
space is not necessarily bad, because the pages swapped out could be inactive; however, the use of
swap space is a clue that you could be losing performance due to active swapping. If the swap
percentage increases, there could be a performance problem. If the maximum system memory or
swap space is exceeded, additional virtual machines will not power up and you may need to
reconfigure memory and swap space. Assessing Disk and Network Usage Examine the DISK and NIC
lines for disk activity. If the throughput is either not meeting expectations or approaching the
maximum capacity of the hardware device, there is a potential for a performance bottleneck. Exiting
esxtop Enter q to exit esxtop

Discussions

Question 5

The Virtual Infrastructure team wants to share a VM Template from vcsa0la to vcsa0lb via content
libraries. Ensure that the content in the libraries is synchronized only when needed.
Name of Published Content Library in vcsa0la: CL01
Name of Subscribed Content Library in vcsa0lb: CL02
For both content libraries, use the local datastore: SAN01
VM Template to be shared: Core-Template
After the Core-Template has been synchronized from CL01 to CL02. deploy a virtual machine from
VM-Template on vcsa0lb
Name of virtual machine: CL-VM
Host for virtual machine: sxi03b

Answer:

Send us your
suggestions.

Discussions

Question 6

Your team is experiencing intermittent issues with esxi0la and you have been asked to configure the
host to export its syslog data to a preconfigured syslog collector.
To complete this task, you must:
Configure esxi0la.vciass.local to send syslog events to an external syslog collector on 172.20.10.10.
Ensure that the ESXi host security policies allow the syslog traffic to pass.

Answer:

Send us your
suggestions.

Discussions

Question 7

You are doing an audit for vCenter Server vcsa0la s inventory.
On the desktop, you will find a folder named "powercli-question". In the folder, there is a script
named "vds-script.psl".
Your colleague needs some help to get it working as expected. Your task is to modify the script so
that it exports a list of virtual machines, enables promiscuous mode on PCLI-Portgroup. and exports
PCLl-Portgroup.

Answer:

Send us your
suggestions.

Discussions

Question 8

Due to budget constraints, the development team must place its virtual machines on the same ESXi
hosts as the production virtual machines. In order to prevent resource contention caused by the
development workload, you must limit their resources.
On Cluster PROD-A create a resource pool under this cluster for future development VMs. Create a 4
GHz CPU limit and a 256 MB memory limit
Cluster Name: PROD-A
Resource Pool Name: DevRP
CPU Limit: 4 GHz
Memory Limit: 256 MB

Answer:

Send us your
suggestions.

Discussions

Question 9

The current vSphere environment will be adding new ESXi hosts that will be used to create a QA
compute cluster. This cluster should have HA properties specific to the workloads that will be running
in it.
In preparation of adding the new hosts, create the new cluster. QA-Cluster in. Datacenter-PROD on
vcsa0la.vclass.local with the following HA requirements:
The cluster should not contain any ESXi hosts or VMs
Hosts should be monitored.
VMs should be restarted in the event of a host failure.
VMs should be restarted if guest heartbeats are not detected.
In the case of a host becoming isolated, shutdown and restart VMs.
If there is an All Paths Down event, any affected VMs must be moved to another host.
Reserve 10% of memory and CPU for failover capacity.
Part 2
You have been given a requirement for a virtual machine to have no downtime when an ESXi host
failure occurs. Configure Fault Tolerance on VM1-FT in the PROD-B cluster. Use any compatible
secondary host and datastore. Configure the following advanced cluster settings. Use SAN01 as the
storage during configuration.
das.isolationaddress0 172.20.10.11
dass.igoreRedundantNetWarining true
Note: ignore any related host, customer, or bandwidth warnings as long as fault tolerance is
configured and VM1-FT is running.

Answer:

Send us your
suggestions.

Discussions

Question 10

The IT Team recently implemented a Unified Communication Service to provide conferencing for the
organization. The UCS Application server is running from a virtual machine named VM1-UCS. Due to
the nature of the UCS. the traffic for VM1-UCS has a higher Class of Service (CoS) demand.
In order to meet demand bandwidth for VM1 hosting the UCS. you been have given the task to
improve performance by isolating the traffic and configuring CoS for this VM.
Your first task is to connect VM1-UCS to the distributed port group. UCS-Portgroup.
Your second task is to tag and mark the traffic for VM1-UCS with the following parameters:
Name: UCS Network Traffic
CoS Value: 4
DSCP Value: 34
Traffic Direction: Ingress/Egress
Traffic Qualifier: System Traffic - Virtual Machine
The IT Team noticed that some of the parameter where not available on the distributed switch.
Troubleshoot why these settings are missing and fix it.

Answer:

Send us your
suggestions.

Discussions
To page 2