How would an administrator accomplish the given configuration leveraging the firewall capabilities within VMware Cloud on AWS?
A.
Create a gateway firewall rule permitting bi-directional traffic to Subnet A from the Internet. Create a gateway firewall rule denying bi-directional traffic to Subnet B and Suubnet C from the Internet. Create a distributed firewall rule under the Application category to permit bi-directional traffic from Subnet A to Subnet B and from Subnet B to Subnet C.
B.
Create a gateway firewall rule permitting bi-directional traffic to Subnet A from the Internet. Create a distributed firewall rule denying bi-directional traffic to Subnet B and Subnet C from the Internet. Create a distributed firewall rule under the Ethernet category to permit bi-directional traffic from Subnet A to Subnet B and from Subnet B to Subnet C. C Create a gateway firewall rule permitting bi-directional traffic to Subnet A from the Internet. Create a gateway firewall rule denying bi-directional traffic from the Internet to all subnets. Create a distributed firewall rule under the Infrastructure category to permit bi-directional traffic from Subnet A to Subnet B and from Subnet B to Subnet C.
D.
Create a gateway firewall rule permitting bi-directional traffic to Subnet A from the Internet. Create a gateway firewall rule denying bi-directional traffic to Subnet B and Subnet C from the Internet. Create a gateway firewall rule to permit bi-directional traffic from Subnet A to Subnet B and from Subnet B to Subnet C.
Answer:
A
User Votes:
A
50%
B
50%
D
50%
Discussions
0/ 1000
Question 3
To assist with seasonal workload demands over the next two months, a group of interns are hired to assist with day 2 virtual machine operations in VMware Cloud on AWS. Which method should be used for creating these temporary user accounts and assigning the appropriate permissions to them?
A.
Log into vCenter in VMware Cloud on AWS with the CloudAdmin account. Create the required number of user accounts in the vmc.local SSO domain and assign the appropriate roles to the accounts.
B.
Log into on-premises VMware vCenter. Create the required number of user accounts in the vsphere. local SSO domain and assign the appropriate roles to the accounts. Ensure that Hybrid Linked Mode is enabled to allow account propagation to the VMware Cloud on AWS SSO domain.
C.
Create the required user accounts within Active Directory and assign them to the required group. With Hybrid Linked Mode enabled, assign the correct role in VMware Cloud on AWS to the Active Directory group that contains the user accounts.
D.
Log into vCenter in VMware Cloud on AWS with the CloudAdmin account. Create the required number of user accounts in the vsphere. local SSO domain and assign the appropriate roles to the accounts in Active Directory.
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 4
What is the maximum Gbps of bandwidth that each AWS Elastic Network Adapter (ENA) provides on a i3.metal host?
A.
25Gbps
B.
50Gbps
C.
10Gbps
D.
100Gbps
Answer:
A
Explanation: I3 instances offer up to 25 Gbps of network bandwidth and up to 14 Gbps of dedicated bandwidth to Amazon Elastic Block Store (Amazon EBS). Reference: https://aws.amazon.com/ec2/instance-types/i3/
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 5
An administrator would like their VMware Cloud on AWS software-defined data center (SDDC) cluster to scale down a host when CPU utilization drops below 60%. Which Elastic DRS policy should be selected?
Which statement is true about a VMware Cloud on AWS software-defined data center (SDDC)?
A.
It is a VMware environment integrating VMware vCenter Server, VMware vSAN and, optionally, VMware NSX-Tthat runs on an AWS Elastic Compute Cloud (EC2) bare-metal infrastructure and is able to consume native AWS services.
B.
It is a VMware environment integrating VMware vCenter Server, VMware vSAN and VMware NSX- Tthat runs nested VMware ESXi on AWS Elastic Compute Cloud (EC2) instances and is able to consume native AWS services.
C.
It is a VMware environment integrating VMware vCenter Server, VMware vSAN and VMware NSX- Tthat runs VMware ESXi on an AWS Elastic Compute Cloud (EC2) bare-metal infrastructure and is able to consume native AWS services.
D.
It is a VMware environment with VMware vCenter Server, VMware vSAN and VMware NSX-T managing native AWS Elastic Compute Cloud (EC2) instances and able to consume native AWS services.
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 7
A virtual machine in VMware Cloud on AWS sends a packet to an Amazon Elastic Compute Cloud (EC2) Linux instance in the associated AWS account. Which device is the next hop for the packet?
A.
Edge Virtual Machine
B.
AWS Elastic Network Adapter (ENA) on the VMware ESXI host
C.
Tier-0 (T0) Router
D.
Tier-1 (T1) Router
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 8
Upon connecting a VMware Managed Transit Gateway (VTGW), the administrator discovers that there is an overlapping workload CIDR bleck. How will the software-defined data center (SDDC) handle the overlapping IP space?
A.
It will reject the remote IP space.
B.
It will isolate the overlapping segment in the cloud.
C.
It will allow the overlapping IP space.
D.
It will ensure both CIDR blocks work in both locations.
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 9
What are three benefits of using VMware Cloud on AWS? (Choose three.)
A.
With VMware Cloud on AWS, IT teams can manage their VMware Cloud on AWS resources with familiar VMware tools.
B.
With VMware Cloud on AWS, IT teams can manage their native AWS resources with familiar VMware tools.
C.
VMware Cloud on AWS supports optimized virtual AWS Elastic Compute Cloud (EC2) instances.
D.
Native VMware workloads can be migrated back and forth between on-premises VMware vSphere environments and VMware Cloud on AWS.
E.
With VMware Cloud on AWS, VMware and AWS administrators will manage, maintain and update all virtual machines.
F.
Native AWS services can be consumed over the global AWS backbone with high bandwidth and low latency.
Answer:
ACE
Explanation: IT teams manage their cloud-based resources with familiar VMware tools. Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Managing Virtual Machines in VMware Cloud on AWS. Reference: https://docs.vmware.com/en/VMware-Cloud-on-AWS/solutions/VMware-Cloud-on-AWS.39646badb412ba21bd6770ef62ae00a2/GUID-2EF52910E0945214C0020069FDCD484E.html
User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
0/ 1000
Question 10
Which two network types can be extended with VMware HCX Network Extension? (Choose two.)
A.
vSphere Distributed Switch VLAN Networks
B.
NSX Overlay Networks
C.
Trunk Networks
D.
vSphere Standard Switch VLAN Networks
E.
Private VLAN Networks
Answer:
AB
Explanation: The HCX appliance supports extending networks from VMware vSphere Distributed Switch and NSX overlay networks. Reference: https://docs.vmware.com/en/VMware-HCX/4.2/hcx-user-guide/GUID-0FD13F6B-67AC-4495-91C9-3CCD66791464.html
User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
0/ 1000
Question 11
When configuring Hybrid Linked Mode from the vCenter Cloud Gateway appliance, which groups are mapped from a customer's on-premises environment to the cloud?
A.
LDAP Groups
B.
vSphere Groups
C.
Active Directory Groups
D.
Local Groups
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 12
Which method can be used to deploy a VMware Cloud on AWS software-defined data center?
A.
VMware Data Center Command-Line Interface
B.
AWS Management Console
C.
REST APIs
D.
VMware vCenter Server
Answer:
D
Explanation: You can also use hybrid linked mode to view and manage your onpremises vCenter Server and the one in your VMware Cloud on AWS SDDC with a common set of user identities. Reference: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/vmc-aws-manage-data- center-vms.pdf
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 13
An administrator is tasked with migrating workloads from one of the company's primary data centers to VMware Cloud on AWS. The migration of these workloads must meet the follow criteria: Must have zero downtime Must be organized based on service-level agreement (SLA) Should not communicate with the on-premises gateway Which three VMware HCX features would meet these requirements? (Choose three.)
An administrator is reducing a five-node cluster down to four. What happens to all virtual machines (VMs) when a host is removed from a cluster?
A.
All VMs on the host being removed are deleted.
B.
All VMs are powered off.
C.
All VMs are migrated from the host.
D.
All VMs are unregistered from VMware vCenter.
Answer:
C
Explanation: When you remove a host from a cluster, its resources are deducted from the total resources of the cluster. The state of the virtual machines deployed on the host determines whether they are migrated to other hosts within the cluster. Reference: https://docs.vmware.com/en/VMware-vSphere/5.5/com.vmware.vsphere.vcenterhost.doc/GUID-D3FC9B42-1075-4A28-9C3C-34BE67F385ED.html
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 15
Standard security practice for a company requires that all administrator-level user accounts have their passwords changed every 60 days. The [email protected] account password is changed by an administrator through the VMware vSphere Cliento adhere to the security policy. When the administrator attempts to log into the VMware Cloud on AWS vCenter Server through the VMware vSphere Client a few days later as [email protected] using the account credentials copied from the VMware Cloud console, the administrator's access is denied. What is the likely cause of this issue?
A.
The [email protected] account password should not be changed through the VMware vSphere Client. In order to prevent unauthorized access to VMware Cloud on AWS by non-authorized individuals, VMware will lock the account out.
B.
When the password for [email protected] is updated from the VMware vSphere Client, the updated password is not reflected in the VMware Cloud console.
C.
The [email protected] password change confirmation email has not been approved by an Organization Owner.
D.
The [email protected] account password should only be changed through the appliance management interface of the VMware vCenter Server.