Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
17 Cards in this Set
- Front
- Back
Where in vSphere Web UI setting for the firwall, esx host services and lockdown mode? |
Host > Settings > Security Profile
|
|
Where in the vSphere Web UI do you go to start services? |
Host > Settings > Security Profile > Edit Services |
|
Lockdown Mode does what? |
No users but vpxuser have authentication permissions. Also, users cannot perform operations against the host directly. Lockdown mode forces all operations to be performed through vCenter Server |
|
What ESX Host Feature do you use to enable access to a service running on an ESX host? |
Firewall feature. |
|
By default Firewall rule sets to ESX servers are? |
Enabled if the underlying service is running |
|
When a ESXi Host is in Lockdown mode, no users can access the DCUI |
False - The root user still has access to the DCUI |
|
In strict lockdown mode even root cannot access the DCUI, only vCenter |
True - In strict lockdown mode, the DCUI service is also stopped. If the connection to the vCenter Server system is lost and vSphere Web Client is no longer available, the ESXi host becomes unavailable. The host can be accessed in this situation only if the vSphere ESXi Shell and SSH services are enabled and authorized users are added to the Exception Users list. |
|
What is a benefit of lockdown mode? |
All changes have to be done by vCenter so all changes are logged. |
|
ESXi hosts local services, SSH and DCUI have to be manually configured. |
False - You can configure an ESXi host to join an AD domain so that a user trying to access the host is authenticated against the centralized vCenter Single Sign-On user directory. |
|
vSphere Host Profiles is part of what edition of vSphere |
Enterprise Plus |
|
What are host profiles? |
A profile created on vSphere that make local ESXi host changes. Security Network Config |
|
In Lockdown mode, the exception list gives access to all local services |
True |
|
What Advanced Security Setting gives access to the DCUI |
DCUI.Access |
|
In vSphere 6.0 and later, the VMware Certificate Authority (VMCA)provisions each ESXi host with a signed certificate that has VMCA as the rootcertificate authority by default. If company policy requires it, you can replacethe existing certificates with certificates that are signed by a third-party CA. |
True |
|
Smartcards have been available as a security option since v5.0 |
False - This is a new feature for 6.0 |
|
ESXi Account Lockout supports what services |
SSH and SDK, DCUI and ESXi Shell do not support Account Lockout |
|
How many attempts are allowed by default for ESXi Account Lockout |
10 |