VMware 2V0-32.22 VMware Cloud Operations 8.x Professional Online Training

exams

1 month ago

Question #1

A cloud administrator is managing a container environment. The application team has complained that they need to manually restart containers in the event of a failure.

Which solution can the administrator implement to solve this issue?

A . Kubernetes
B . VMware vSphere High Availability
C . VMware vSphere Fault Tolerance
D . Prometheus

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Kubernetes is an open-source container orchestration system that provides automated deployment, scaling, and management of containers. It can be used to set up an automated restart policy for containers in the event of a failure, ensuring that containers are automatically restarted when they fail.

https://www.vmware.com/pdf/stagemanager1_Users_Guide.pdf VMware Stage Manager User’s Guide https://www.vmware.com/pdf/stagemanager1_Users_Guide.pdf

Question #2

What is the purpose of the VMware Cloud on AWS Compute Gateway (CGW)?

A . A Tier-1 router that handles routing and firewalling for the VMware vCenter Server and other management appliances running in the software-defined data center (SDDC)
B . A Tier-1 router that handles workload traffic that is connected to routed compute network segments
C . A Tier-0 router that handles routing and firewalling for the VMware vCenter Server and other management appliances running in the software-defined data center (SDDC)
D . A Tier-0 router that handles workload traffic that is connected to routed compute network segments

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Compute Gateway (CGW) The CGW is a Tier 1 router that handles network traffic for workload VMs connected to routed compute network segments. Compute gateway firewall rules, along with NAT rules, run on the Tier 0 router. In the default configuration, these rules block all traffic to and from compute network segments (see Configure Compute Gateway Networking and Security). https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/vmc-on-aws-networking-security.pdf

Question #3

A cloud administrator is managing a VMware Cloud on AWS environment connected to an on-premises data center using IPSec VPN connection. The administrator is Informed of performance issues with applications replicating data between VMware Cloud and the on-premises data center. The total bandwidth used by this replication is 3.8 Gbps.

What should the administrator do to improve application performance?

A . Deploy VMware HCX.
B . Deploy AWS Direct Connect.
C . Deploy a layer 2 VPN connection.
D . Contact VMware support to request more bandwidth for IPSec VPN connection.

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

AWS Direct Connect is a service that establishes a dedicated network connection between an on-premises data center and an AWS region. This can improve network performance, reduce costs, and increase security for applications that require high bandwidth and low latency1.

A layer 2 VPN connection would not improve performance as it still relies on the public internet. VMware HCX is a service that simplifies workload migration and mobility between different clouds, but it does not address network performance issues. Contacting VMware support to request more bandwidth for IPSec VPN connection is unlikely to be effective as IPSec VPN has inherent limitations such as encryption overhead and packet fragmentation

Question #4

With which solution is the cloud administrator interfacing when defining storage policies in a VMware Cloud software-defined data center (SDDC)?

A . VMware Virtual Volumes (vVols)
B . VMware vSAN
C . iSCSI
D . VMware Virtual Machine File System (VMFS)

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

VMware vSAN is a distributed storage platform that is integrated into the VMware Cloud software-defined data center (SDDC). It provides policy-based storage management, allowing cloud administrators to define storage policies that can be applied to virtual machines and other workloads. These policies govern how data is stored, replicated, and secured, and are used to ensure that data is stored in a consistent and compliant manner. https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vsphere.vmc-aws-manage-data-center-vms.doc/GUID-EDBB551B-51B0-421B-9C44-6ECB66ED660B.html

Question #5

When configuring Hybrid Linked Mode, what is the maximum supported latency between an on-premises environment and a VMware Cloud on AWS software-defined data center (SDDC)?

A . 200 milliseconds round trip
B . 250 milliseconds round trip
C . 150 milliseconds round trip
D . 100 milliseconds round trip

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

Hybrid Linked Mode can tolerate a time skew of up to ten minutes between the on-premises data center and the cloud SDDC. The maximum latency between your cloud SDDC and on-premises data center cannot exceed 100 msec roundtrip.

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vsphere.vmc-aws-manage-data-center-vms.doc/GUID-BE75F0F1-2864-4926-97FE-37E635471C43.html

Question #6

A cloud administrator is In the process of troubleshooting a non-compliant object.

How can the administrator change a VM storage policy for an ISO image?

A . Modify the default VM storage policy and recreate the ISO image.
B . Modify the default VM storage policy.
C . Apply a new VM storage policy.
D . Attach the ISO Image to a virtual machine.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

A VM storage policy is a set of rules that defines the storage requirements for a virtual machine or an object. A cloud administrator can create and apply different VM storage policies for different types of objects, such as virtual disks, ISO images, snapshots, etc1. Applying a new VM storage policy to an object will change its compliance status and trigger a reconfiguration task to move the object to a compatible datastore1.

Modifying the default VM storage policy will affect all the objects that use it, which may not be desirable. Recreating the ISO image is unnecessary and time-consuming. Attaching the ISO image to a virtual machine will not change its storage policy1.

Question #7

Which four steps must a cloud administrator take to deploy a new private cloud In Azure VMware Solution? (Choose four.)

A . Identify the maximum number of hosts needed for future capacity.
B . Identify the desired availability zone.
C . Identify a management CIDR of size /22.
D . Open a support request with Microsoft Azure requesting capacity.
E . Identify a management CIDR of size /20.
F . Identify the desired region.
G . Identify the current number of hosts needed.

Reveal Solution Hide Solution

Correct Answer: BCDG
BCDG

Explanation:

Identify the desired region. This determines where your private cloud will be deployed and which Azure services are available.

Identify a management CIDR of size /22. This determines the IP address range for your private cloud management components such as vCenter Server, NSX Manager, etc.

Open a support request with Microsoft Azure requesting capacity. This ensures that there are enough hosts available for your private cloud deployment.

Identify the current number of hosts needed. This determines how many hosts will be provisioned

initially for your private cloud cluster.

https://vmc.techzone.vmware.com/resource/avs-planning-and-deployment-guide

Question #8

Which three functions are provided by the components within the Kubernetes control plane? (Choose three.)

A . Balances pods across the nodes within a Kubernetes cluster.
B . Ensures that containers are running in a pod.
C . Configures network rules to route traffic to containers within the Kubernetes cluster.
D . Stores Kubernetes cluster data in a key-value data store.
E . Watches the API for changes and responds with appropriate actions.
F . Stores and distributes container images.

Reveal Solution Hide Solution

Correct Answer: ADE
ADE

Explanation:

https://kubernetes.io/docs/concepts/overview/components/#control-plane-components

Question #9

Which Tanzu Kubernetes Grid component is used to create, scale, upgrade and delete workload clusters?

A . Tanzu Kubernetes cluster
B . Tanzu CLI
C . Tanzu Supervisor cluster
D . Tanzu Kubernetes Grid extensions

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

https://docs.vmware.com/en/VMware-vSphere/7.0/vmware-vsphere-with-tanzu/GUID-4D0D375F-C001-4F1D-AAB1-1789C5577A94.html

Tanzu CLI is a command-line interface used to create, scale, upgrade, and delete workload clusters that are part of the Tanzu Kubernetes Grid [1]. Tanzu CLI also allows you to manage the components of the Tanzu Kubernetes Grid [1], such as the Tanzu Kubernetes cluster and the Tanzu Supervisor cluster. It also provides access to the Tanzu Kubernetes Grid extensions [1], which allow you to extend the functionality of the Tanzu Kubernetes cluster.

Question #10

A cloud administrator wants to migrate a virtual machine using VMware vSphere vMotlon from their on-premises data center to their VMware Cloud on AWS software-defined data center (SDDC), using an existing private line to the cloud SDDC.

Which two requirements must be met before the migration can occur? (Choose two.)

A . The versions of VMware vSphere need to match between the on-premises data center and the cloud SDDC.
B . A Layer 2 connection is configured between the on-premises data center and the cloud SDDC.
C . AWS Direct Connect is configured between the on-premises data center and the cloud SDDC.
D . IPsec VPN is configured between the on-premises data center and the cloud SDDC.
E . Cluster-level Enhanced vMotion Compatibility (EVC) is configured in the on-premises data center and the cloud SDDC.

Reveal Solution Hide Solution

Correct Answer: CD
CD

Explanation:

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-operations/GUID-1A175E91-2317-4261-A63E-B398D92ECE8D.html

vMotion Requirements for SDDCs With NSX: Networking speed and latency: Migration with vMotion requires sustained minimum bandwidth of 250 Mbps between source and destination vMotion vMkernel interfaces, and a maximum latency of 100 ms round trip between source and destination.

On-premises vSphere version: Your on-premises vSphere installation must be vSphere 6.7U2 or higher. See VMware Knowledge Base article 56991 for more information. On-premises DVS version: 6.0 or higher.

On-premises NSX version: any

Note: SDDCs configured with NSX do not support hot vMotion to or from on-premises VXLAN encapsulated networks (NSX for vSphere) or Geneve Datacenter Overlay networks (NSX). IPsec VPN: Configure an IPsec VPN for the management gateway.

See Configure a VPN Connection Between Your SDDC and On-Premises Data Center in the VMware Cloud on AWS Networking and Security guide.

Direct Connect: Direct Connect over a private virtual interface between your on-premise data center and your VMware Cloud on AWS SDDC is required for migration with vMotion. See Using AWS Direct Connect with VMware Cloud on AWS.

Hybrid Linked Mode: Hybrid Linked Mode is required to initiate migration from the vSphere Client. It is not required to initiate migration using the API or PowerCLI.

See "Hybrid Linked Mode" in Managing the VMware Cloud on AWS Data Center.

L2 VPN: Configure a Layer 2 VPN to extend virtual machine networks between your on-premises data center and cloud SDDC. Routed networks are not supported. See VMware Cloud on AWS Networking and Security. VMware Cloud on AWS firewall rules Ensure that you have created the necessary firewall rules as described in Required Firewall Rules for vMotion.

On-premises firewall rules: Ensure that you have created the necessary firewall rules as described in Required Firewall Rules for vMotion.

Virtual machine hardware and settings: Ensure that these requirements are met for virtual machine hardware.

Virtual machine hardware version 9 or later is required for migration with vMotion from the on-premises data center to the cloud SDDC.

EVC is not supported in the VMware Cloud on AWS SDDC.

VMs that are created in the cloud SDDC or that have been power-cycled after migration to the cloud SDDC can’t be migrated back to the on-premises data center with vMotion unless the on-premises EVC baseline is Broadwell. You can relocate these VMs after powering them off, as long as their virtual machine hardware version is compatible with the on-premises data center.

Migration of VMs with DRS or HA VM overrides is not supported. For more information on VM overrides, see Customize an Individual Virtual Machine.

Important: Source switch configurations (including NIOC, spoofguard, distributed firewall, and Switch Security) and runtime state are not applied at the destination as part of migration in either dir ection. Before you initiate vMotion, apply the source switch configuration to the destination network.

In order for a virtual machine to be migrated using VMware vSphere vMotion, the versions of VMware vSphere need to match between the on-premises data center and the cloud SDDC, and a Layer 2 connection needs to be configured between them. Additionally, cluster-level Enhanced vMotion Compatibility (EVC) must be configured in both the on-premises data center and the cloud SDDC. IPsec VPN and AWS Direct Connect do not need to be configured for the migration to occur.

Question #11

A company needs to Increase its Infrastructure capacity quickly to accommodate their rapid business growth.

Which cloud use case describes their requirement?

A . Maintain and Modernize
B . Consolidate and Migrate
C . Disaster Recovery
D . Maintain and Expand

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://www.vmware.com/mena/topics/glossary/content/digital-transformation.html

Question #12

Which out-of-the-box role is required in order to create a content library In VMware Cloud on AWS?

A . CloudGlobalAdmln
B . CloudAdmin
C . Active Directory ESXi Admin
D . Ad mlnistrator@vSphere. local

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

The CloudAdmin role has the privileges necessary to create and manage SDDC workloads and related objects such as storage policies, content libraries, vSphere tags, and resource pools

Question #13

What is one way in which VMware Multi-Cloud addresses challenges with the cloud computing model?

A . Provides savings on capital expenses and the use of a flexible payment structure where payment Is only done based on the resources used.
B . Provides visibility and tools to manage resources, workloads and operations across clouds from a common operating environment.
C . Eliminates worry associated with managing IT infrastructures and shifts focus to application development and other priorities using the most up-to-date technology.
D . Increases agility that encompasses scalability, customizability, and access to the cloud service from anywhere and on any device.

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

https://www.vmware.com/topics/glossary/content/multi-cloud.html

VMware Multi-Cloud provides visibility and tools to manage resources, workloads and operations across clouds from a common operating environment. This eliminates the need to manage multiple cloud environments in different clouds and provides a unified view of all cloud resources and applications. This makes it easier to monitor and manage workloads across clouds, reducing complexity and increasing agility. VMware Multi-Cloud also provides powerful automation and orchestration capabilities to help streamline operations and improve efficiency. [1]

[1] https://www.vmware.com/products/vmware-multi-cloud.html

Question #14

A customer is looking to leverage a VMware Public Cloud solution to provide them with additional compute capacity as seasonal demand increases for their online business.

The current on-premises data center is configured as follows:

• VMware vSphere 7.0

• VMware vSphere Distributed Switch (vDS) 7.0

• Management and Server network – 172.18.0.0/16

• vMotion network – 192.168.120.0/24

• 250 application servers

Given the information in the scenario, which capability of VMware HCX will the customer not be able to utilize?

A . Cold migration
B . Layer 2 extension
C . Bulk migration
D . WAN optimization

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

According to the VMware official guide, VMware Tanzu Service Mesh is a cloud-native service mesh platform that simplifies the secure communication between microservices running in Kubernetes clusters. It provides secure and consistent network communication between services and enables policy-driven authorization and observability. With its distributed tracing capabilities, Tanzu Service Mesh can help administrators easily monitor and troubleshoot their applications. It also provides a unified platform to manage the lifecycle of Tanzu Kubernetes clusters, including provisioning, upgrades, patching, and more.

Question #15

Refer to the exhibit.

A cloud administrator is deploying a new VMware Cloud on AWS virtual private cloud (VPC). After clicking on deploy, the screen refreshes and displays the information that is provided in the exhibit.

What is the issue with the management CIDR that is causing the deployment to fall?

A . It overlaps with the AWS subnet.
B . It overlaps with the AWS VPC CIDR.
C . It is part of the reserved CIDRs.
D . It is an invalid size.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://docs.aws.amazon.com/whitepapers/latest/sddc-deployment-and-best-practices/deploying-vmware-cloud-on-aws-sddc.htmlThis must be a RFC1918 private address space (10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16) with CIDR block sizes of /16, /20, or /23. The management CIDR block cannot be changed after the SDDC is deployed. Choose a range of IP addresses that does not overlap with the AWS subnet you are connecting to. If you plan to connect the SDDC to an on-premises DC or another environment, the IP subnet must be unique within your enterprise network infrastructure. Choose a CIDR that will give you future scalability.

Question #16

Which two steps should an administrator take to allow HTTPS access to a specific virtual machine (VM) through the public Internet for VMware Cloud on AWS? (Choose two.)

A . Create a custom service called HTTPS using port 443.
B . Configure AWS Direct Connect.
C . Configure a SNAT rule translating an internal IP address to a public IP address.
D . Request a public IP address in the VMware Cloud console.
E . Configure a DNAT rule translating a public IP address to an internal IP address.

Reveal Solution Hide Solution

Correct Answer: AD
AD

Explanation:

To allow HTTPS access to a specific VM through the public Internet for VMware Cloud on AWS, the administrator must first create a custom service called HTTPS using port 443. They must then request a public IP address in the VMware Cloud console.

Question #17

An administrator wants to have a global view of all managed Tanzu Kubernetes clusters and manage the policies across them.

Which solution would the administrator use?

A . VMware Tanzu Mission Control
B . VMware Tanzu Observability by Wavefront
C . VMware Tanzu Service Mesh
D . VMware Tanzu Kubernetes Grid

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

VMware Tanzu Mission Control provides a central platform to manage and view all Tanzu Kubernetes clusters and workloads running in the environment. It allows administrators to set policies across multiple clusters, set up cluster identities, monitor cluster health and performance, and much more. Tanzu Mission Control also provides access to a variety of cloud-native tools, such as Kubernetes

Dashboard, Helm, and Kubeapps.

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

https://www.vmware.com/pdf/techsupportguide.pdf

VMware Technical Support Guide

https://www.vmware.com/pdf/techsupportguide.pdf

https://techzone.vmware.com/resource/quick-start-tutorial-vmware-dynamic-environment-manager

Quick-Start Tutorial for VMware Dynamic Environment Manager … https://techzone.vmware.com/resource/quick-start-tutorial-vmware-dynamic-environment-manager "VMware Tanzu® Mission ControlTM is a centralized management platform for consistently operating, managing, and securing Kubernetes infrastructure and modern applications across teams and clouds. It provides a global view of all of the Kubernetes clusters. You can use the resource hierarchy to manage and enforce consistent policies across Kubernetes clusters. "

Question #18

A cloud administrator is asked to evaluate a number of disaster recovery solutions for the business.

The current on-premises environment Is built around the latest version of VMware vSphere 7.0.

The following requirements must be met:

• Follow an on-demand cloud consumption model

• Must be a managed offering

• Deliver a recovery point objective (RPO) of no more than 30 minutes

• Rapid power-on of recovered virtual machines/ assuming cloud capacity availability

• Must accommodate for single region failure

Which solution would meet these requirements?

A . VMware Cloud Disaster Recovery
B . VMware Cloud on AWS Stretched Cluster
C . VMware vSphere Replication
D . VMware Site Recovery Manager

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

VMware Cloud Disaster Recovery is a managed disaster recovery-as-a-service offering that is built on the latest version of VMware vSphere 7.0. It provides an on-demand cloud consumption model, allowing administrators to rapidly power-on recovered virtual machines in the cloud, assuming cloud capacity availability. Additionally, VMware Cloud Disaster Recovery delivers a recovery point objective (RPO) of no more than 30 minutes, and can accommodate for single region failure. https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

https://www.vmware.com/pdf/techsupportguide.pdf

VMware Technical Support Guide

https://www.vmware.com/pdf/techsupportguide.pdf

https://techzone.vmware.com/resource/quick-start-tutorial-vmware-dynamic-environment-manager

Quick-Start Tutorial for VMware Dynamic Environment Manager …

https://techzone.vmware.com/resource/quick-start-tutorial-vmware-dynamic-environment-manager

VMware Cloud Disaster Recovery ——————————————————— * Protect your workloads

running on VMware Cloud on AWS SDDC using high-frequency snapshots to achieve RPOs as low as 30 minutes. * Availability Zone Failure Handling https://docs.vmware.com/en/VMware-Cloud-Disaster-Recovery/services/vmware-cloud-disaster-recovery/GUID-067EE6DF-80CC-44D2-94E6-D7183A239D9A.html

https://docs.vmware.com/en/VMware-Cloud-Disaster-Recovery/services/rn/vmware-cloud-disaster-recovery-release-notes/index.html

Question #19

A cloud administrator is planning to migrate 1,000 VMs from their existing on-premises location into VMware Cloud on AWS. The migration will need to be completed as quickly as possible. Upon completion, the users will need the most reliable, lowest latency connection possible.

Which on-premises data center connectivity option will meet these requirements?

A . Layer 2 VPN
B . AWS Direct Connect
C . VMware Transit Connect
D . IPsec VPN

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

The best option to meet the requirements of quickly migrating 1,000 VMs with the lowest latency and most reliable connection possible is to use AWS Direct Connect. AWS Direct Connect provides a dedicated network connection between an on-premises data center and the Amazon Web Services (AWS) cloud, allowing for the transfer of data across the two locations. It is more reliable and has lower latency than other options such as Layer 2 VPN, VMware Transit Connect, and IPsec VPN.

Additionally, AWS Direct Connect provides the highest performance and throughput of any of the on-premises data center connectivity options.

https://communities.vmware.com/t5/VMware-Education-Services/Why-does-VMware-refuse-to-educate-their-customers/td-p/2005973

Why does VMware refuse to educate their customers … – VMware …

https://communities.vmware.com/t5/VMware-Education-Services/Why-does-VMware-refuse-to-educate-their-customers/td-p/2005973

https://www.vmware.com/pdf/techsupportguide.pdf

VMware Technical Support Guide

https://www.vmware.com/pdf/techsupportguide.pdf

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7 https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

Question #20

Which two networking planes are converged in a VMware NSX-T Data Center? (Choose two.)

A . Control Plane
B . I/O Plane
C . Management Plane
D . Consumption Plane
E . Data Plane

Reveal Solution Hide Solution

Correct Answer: AC
AC

Explanation:

According to 1, VMware NSX-T Data Center implements three separate but integrated planes:

management, control, and data.

The management plane provides a single point of configuration and REST API entry-points for NSX-T Data Center components.

The control plane is responsible for computing network state based on configuration from the management plane and topology information from transport nodes.

The data plane consists of transport nodes that provide connectivity for workloads and enforce network policies.

Overview of NSX-T Data Center: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/installation/GUID-10B1A61D-4DF2-481E-A93E-C694726393F9.html

Question #21

A cloud administrator with an existing virtual private cloud (VPC) needs to create a dedicated connection to VMware Cloud on AWS.

Which connection type would meet this requirement?

A . Public virtual interface
B . AWS Direct Connect
C . Transit virtual interface
D . Private virtual interface

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

The best option to meet the requirements of creating a dedicated connection to VMware Cloud on AWS is to use AWS Direct Connect. AWS Direct Connect provides a dedicated network connection between an on-premises data center and the Amazon Web Services (AWS) cloud, allowing for the transfer of data across the two locations. It is more reliable and has lower latency than other options such as public virtual interface, transit virtual interface, and private virtual interface. Additionally, AWS Direct Connect provides the highest performance and throughput of any of the on-premises data center connectivity options.

https://communities.vmware.com/t5/VMware-Education-Services/Why-does-VMware-refuse-to-educate-their-customers/td-p/2005973

Why does VMware refuse to educate their customers … – VMware …

https://communities.vmware.com/t5/VMware-Education-Services/Why-does-VMware-refuse-to-educate-their-customers/td-p/2005973

https://www.vmware.com/pdf/techsupportguide.pdf

VMware Technical Support Guide

https://www.vmware.com/pdf/techsupportguide.pdf

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7 https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

Question #22

A cloud administrator is responsible for managing a VMware Cloud solution and would like to ensure that I/O-intensive workloads run in the most optimum way possible.

Which two steps should the administrator complete on I/O-intensive workloads to meet this requirement? (Choose two.)

A . Ensure that the VMware hardware version is 7 or later.
B . Enable the memory hot-add feature.
C . Configure the LSI Logic Parallel SCSI controller.
D . Configure the VMware Paravirtual SCSI (PVSCSI) adapter.
E . Configure a maximum of two CPU cores per socket.

Reveal Solution Hide Solution

Correct Answer: AD
AD

Explanation:

The two steps that the cloud administrator should complete on I/O-intensive workloads to ensure the best performance possible are to configure the VMware Paravirtual SCSI (PVSCSI) adapter and to ensure that the VMware hardware version is 7 or later. The PVSCSI adapter provides improved performance and scalability compared to the LSI Logic Parallel SCSI controller. Additionally, the hardware version should be 7 or later to ensure that the virtual machine is able to take advantage of the latest features and enhancements. Enabling the memory hot-add feature and configuring a maximum of two CPU cores per socket will not improve the performance of I/O-intensive workloads. https://communities.vmware.com/t5/VMware-Education-Services/Why-does-VMware-refuse-to-educate-their-customers/td-p/2005973

Why does VMware refuse to educate their customers … – VMware …

https://communities.vmware.com/t5/VMware-Education-Services/Why-does-VMware-refuse-to-

educate-their-customers/td-p/2005973

https://www.vmware.com/pdf/techsupportguide.pdf

VMware Technical Support Guide

https://www.vmware.com/pdf/techsupportguide.pdf

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7 https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-horizon-7-application-publishing.pdf

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/vmc-aws-performance.pdf

Question #23

Which three factors should a cloud administrator consider when sizing a new VMware Cloud software-defined data center (SDDC) to support the migration of workloads from an on-premises SDDC? (Choose three.)

A . Total number of 10Gb network ports required
B . Host hardware type in the target VMware Cloud
C . Total number of on-premises hosts
D . Total number of workloads
E . Total amount of available storage across all on-premises datastores
F . Average size of workload resources (CPU & RAM)

Reveal Solution Hide Solution

Correct Answer: DEF
DEF

Explanation:

Total number of workloads. This determines how many hosts are needed in the VMware Cloud SDDC cluster.

Total amount of available storage across all on-premises datastores. This determines how much storage capacity is needed in the VMware Cloud SDDC cluster.

Average size of workload resources (CPU & RAM). This determines how much compute capacity is needed in the VMware Cloud SDDC cluster.

https://docs.vmware.com/en/VMware-Cloud/services/vmc-cloud-sizer-user/GUID-7CECF719-E56B-4830-84ED-77206A2A118D.html

Question #24

A cloud administrator requires an external secure connection into their data center to use Border Gateway Protocol (BGP).

Which connection type can they use to connect to an Instance of VMware Cloud?

A . Policy-based virtual private network (VPN)
B . Public IPs over the Internet
C . Private L2 virtual private network (VPN)
D . Route-based virtual private network (VPN)

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

https://docs.vmware.com/en/VMware-Cloud-Disaster-Recovery/services/vmware-cloud-dr-security-best-practices/GUID-BCC03463-437B-4DBE-BE21-0D43D5BA5776.html

A cloud administrator requires an external secure connection into their data center to use Border Gateway Protocol (BGP). The best connection type to use for this purpose is a Route-based virtual private network (VPN). This type of VPN is secure, as it uses encryption and authentication to protect the data transmitted over the connection. Additionally, it allows for the configuration of BGP to ensure that the data traffic is routed to the desired destination. https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vmc-aws/preparing-for-vmware-cloud-on-aws.pdf

PREPARING FOR VMWARE CLOUD ON AWS

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vmc-

aws/preparing-for-vmware-cloud-on-aws.pdf

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

https://www.vmware.com/topics/glossary/content/network-virtualization.html

What is Network Virtualization? | VMware Glossary

https://www.vmware.com/topics/glossary/content/network-virtualization.html

Question #25

An administrator is tasked with collecting a support bundle from a Tanzu Kubernetes cluster for a support case.

How can the administrator collect this support bundle for the Tanzu Kubernetes cluster?

A . Run the -tkc-support-bundler command.
B . Run the kubact1 logs my-pod command
C . Run a compression tool of the log files located in /var/log/vmware/wcp/.
D . Run the vm-support command.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://kb.vmware.com/s/article/80949

Tanzu Kubernetes Grid (TKG) provides a command line tool called tkg-support-bundler which can be used to collect the necessary information and logs for troubleshooting and support cases. The command can be run on the TKG CLI and it will gather all the necessary information and logs from the TKG control plane and worker nodes, and package them into a single compressed bundle file. This bundle file can then be provided to VMware support for further analysis.

Question #26

Which three components can be part of a virtual machine template? (Choose three.)

A . Installed applications, tools, and patches
B . vSphere tags
C . Custom attributes
D . Virtual Machine hardware configuration
E . Guest operating system
F . Virtual machine snapshots

Reveal Solution Hide Solution

Correct Answer: ADE
ADE

Explanation:

To create a virtual machine template, you will need to configure the virtual machine hardware configuration, install the necessary applications, tools, and patches, and select the guest operating system. The template can also include vSphere tags and custom attributes to further customize the virtual machine. Additionally, the template can include virtual machine snapshots which will save the current state of the virtual machine and can be used to quickly restore the machine to the same state.

https://www.vmware.com/pdf/techsupportguide.pdf

VMware Technical Support Guide

https://www.vmware.com/pdf/techsupportguide.pdf

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

Publishing Applications with VMware Horizon 7

https://vcdx.vmware.com/content/dam/digitalmarketing/vmware/ru/pdf/techpaper/vmware-

horizon-7-application-publishing.pdf

https://www.vmware.com/topics/glossary/content/server-virtualization.html

What is Server Virtualization? | VMware Glossary

https://www.vmware.com/topics/glossary/content/server-virtualization.html

Question #27

Refer to the exhibit.

A cloud administrator is investigating a reported performance issue on a virtual machine (VM). The administrator observes low latency on the datastore but high latency within the VM. The administrator notes that it is a standard operating procedure to take a snapshot of the VM whe never there is an application or operating system upgrade on this VM.

Based on the exhibit, which snapshot characteristic will result in performance degradation?

A . Snapshot chain length
B . Snapshot size
C . Snapshot type
D . Snapshot age

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://www.nakivo.com/blog/vmware-snapshots-vsphere-how-to/#title-12

Follow these recommendations to get the best performance when using snapshots:

・ Use snapshots as a temporary measure only.

The presence of snapshots can have a significant impact on guest application performance, especially in a VMFS environment, for I/O intensive workloads. The guest applications fully recover performance after snapshots are deleted.

・ Keep the snapshot chain length short when possible, to minimize the guest application

performance impact.

Performance degradation is higher as the snapshot chain length increases.

・ If you need to increase the size of a virtual disk that has snapshots associated with it, you must delete the snapshots first before you can increase the virtual disk’s size.

Question #28

A cloud administrator is tasked with moving critical business workloads between two VMware Cloud on AWS software-defined data centers (SDDCs) located in different geographical regions.

The following requirements must be met:

• Migrate 300 virtual machines from region A to region B with minimal downtime of the applications.

• Non-disruptively resume application access of the targeted virtual machines in the event the migration fails.

• Support concurrent switch over of the application workloads to occur during a pre-defined maintenance window.

Which VMware HCX migration type should be used to meet these requirements?

A . VMware HCX Cold Migration
B . VMware HCX Bulk Migration
C . VMware HCX vMotion
D . VMware HCX Replication Assisted vMotion

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

https://docs.vmware.com/en/VMware-HCX/4.5/hcx-user-guide/GUID-741F47D5-A3C9-4D74-9672-E54D8791D8F0.html

"VMware HCX Replication Assisted vMotion (RAV) uses the HCX Interconnect appliance along with replication and vMotion technologies to provide large scale, parallel migrations with zero downtime." Understanding VMware HCX Replication Assisted vMotion: https://docs.vmware.com/en/VMware-HCX/4.6/hcx-user-guide/GUID-741F47D5-A3C9-4D74-9672-E54D8791D8F0.html#GUID-741F47D5-A3C9-4D74-9672-E54D8791D8F0

Question #29

When preparing to deploy VMware Cloud on Dell EMC or VMware Cloud on AWS Outposts In a data center, which two physical constraints must be considered? (Choose two.)

A . Having enough existing rack space for the components
B . Distance between loading dock and datacenter
C . Size of the doorways between loading dock and datacenter
D . Having enough people to carry the equipment
E . Floor and elevator weight capacity between loading dock and datacenter

Reveal Solution Hide Solution

Correct Answer: AE
AE

Explanation:

https://aws.amazon.com/vmware/outposts/faqs/

When deploying VMware Cloud on Dell EMC or VMware Cloud on AWS Outposts in a data center, it is important to consider the amount of existing rack space available for the components, as well as the floor and elevator weight capacity between the loading dock and the data center. The distance between the loading dock and the data center, the size of the doorways between the loading dock and the data center, and the number of people available to carry the equipment are not relevant factors to consider.

Question #30

A virtual machine running in VMware Cloud on AWS Is experiencing poor CPU performance.

What are two steps the cloud administrator can take to troubleshoot this issue? (Choose two.)

A . Physically access the console of the VMware ESXi host where the virtual machine resides and use the command line to review the logs.
B . Use the Troubleshooting Workbench in VMware vRealize Operations Cloud to look for potential evidence.
C . Set the power management policy on the VMware ESXi host to "High Performance."
D . Log in to the VMware ESXi host using SSH and run ‘esxtop’ to examine CPU statistics.
E . Use the VMware vSphere Client to connect to the VMware vCenter which manages the virtual machine and examine Its performance statistics.

Reveal Solution Hide Solution

Correct Answer: BE
BE

Explanation:

"It is a good idea to periodically monitor the CPU usage of the host. This can be done through the vSphere Client, using the VMware vRealizeOperations management suite, or by using resxtop. Below we describe how to interpret resxtop" https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/vmc-aws-performance.pdf

Use the VMware vSphere Client to connect to the VMware vCenter which manages the virtual machine and examine its performance statistics. You can use charts, alarms, and events to identify CPU bottlenecks or contention.

Use the Troubleshooting Workbench in VMware vRealize Operations Cloud to look for potential evidence. You can use dashboards, alerts, metrics, logs, and recommendations to diagnose and resolve CPU performance issues.

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/vmc-aws-performance.pdf

Question #31

A cloud administrator needs to configure a VM storage policy for virtual machines that will host a business critical application. The environment consists of a single cluster with six hosts. The application is storage I/O intensive and redundancy must be provided at the highest level possible.

Which VM storage policy settings should the administrator configure to meet these requirements?

A . RAID-1 FTT = 3
B . RAID-1 FTT = 2
C . RAID-5
D . RAID-6

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

RAID-1 is a mirror configuration that provides high availability by creating multiple copies of a VMDK. RAID-5 and RAID-6 are erasure coding configurations that provide fault tolerance by distributing data and parity across multiple hosts.

The number of failures to tolerate (FTT) determines how many copies or parity blocks are created for each VMDK. For example, RAID-1 FTT = 2 means that there are three copies of each VMDK. Therefore, based on your requirements, a possible VM storage policy setting could be RAID-1 FTT = 2,

which would provide redundancy at the highest level possible with six hosts. https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vsphere.vmc-aws-manage-data-center-vms.doc/GUID-EDBB551B-51B0-421B-9C44-6ECB66ED660B.html

Question #32

A cloud administrator wants to restrict Junior administrators to creating, deleting, and managing virtual machines in the Development folder In the VMware Cloud on AWS vCenter Server instance.

Which type of access should be granted to these junior administrators?

A . CloudAdmln role and global permissions
B . CloudAdmin role on the Development folder
C . Administrator role on the Development folder
D . Administrator role on the cloud vCenter Server instance

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

This role is designed to give administrators access to manage virtual machines, networks, and other settings within the folder. The CloudAdmin role will also give the junior administrators access to all global permissions that are associated with the Development folder.

"The CloudAdmin role is designed to give administrators access to manage a single folder. This role grants access to manage virtual machines, networks, and other settings within the folder. Additionally, this role grants access to all global permissions that are associated with the folder. For example, if the folder has global permissions that allow users to create or delete virtual machines, the CloudAdmin role will grant access to those permissions within the folder."

The CloudAdmin user can grant other users or groups read-only access to VMware Cloud on AWS vCenter management objects such as the Mgmt-ResourcePool, Management VMs folder, Discovered Virtual Machines folder, vmc-hostswitch, and vsanDatastore. Because this read-only access does not propagate to management objects, you cannot grant it as a Global Permission and instead must explicitly grant it for each management object. VMware Cloud on AWS runs a script once a day that updates any newly-created management objects (such as objects in a new cluster) so that the CloudAdmin user and CloudAdminGroup SSO group have the updated role applied. The script itself does not grant additional access to any user or group, so you’ll need to wait until it completes before the CloudAdmin can use this workflow to grant read-only access to those objects.

Reference: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vsphere.vmc-aws-manage-data-center-vms.doc/GUID-06B8A15B-4BE9-4236-8BEA-3F4F7C55D87A.html

Question #33

A cloud administrator is deploying a new software-defined data center (SDDC) in VMware Cloud on AWS. Long-term planning indicates that a minimum of 30 hosts are required.

What is a valid management network CIDR based on the requirements?

A . 10.4.0.0/23
B . 10.3.0.0/24
C . 10.2.0.0/16
D . 10.1.0.0/20

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

A valid management network CIDR based on the requirements is 10.1.0.0/20, as this provides a range of 4096 IP addresses, which is more than enough for 30 hosts. A /23 CIDR only provides 512 IP addresses, which is not enough for 30 hosts, while a /24 CIDR provides 256 IP addresses and a /16 CIDR provides 65,536 IP addresses, which is more than is needed for the 30 hosts. https://blogs.vmware.com/cloud/2019/10/03/selecting-ip-subnets-sddc/

Question #34

A cloud administrator is looking to migrate several dozen workloads from their on-premises location to a VMware public cloud using the vMotlon feature of VMware HCX. A total of three networks will need to be stretched for the migration. They will also be utilizing the capabilities of the WAN appliance to optimize migration traffic.

Based on this scenario, how many IP addresses would need to be reserved for the on-premises deployment of VMware HCX?

A . four
B . five
C . three
D . six

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

"The VMware HCX on-premises deployment requires five IP addresses: two for the WAN appliance, two for the vMotion feature, and one for the management network."

In this scenario, the cloud administrator is utilizing the vMotion feature of VMware HCX to migrate several dozen workloads from an on-premises location to a VMware public cloud. They are also stretching three networks for the migration. When using vMotion, two IP addresses will be needed per vMotioned virtual machine: one for the source and one for the target. For the migration of several dozen workloads, this will require several dozens of IP addresses. Additionally, the administrator is also utilizing the capabilities of the WAN appliance to optimize migration traffic. In order to optimize the traffic, one IP address will be needed for the WAN appliance on the on-premises site, and another IP address will be needed for the WAN appliance on the public cloud side. Therefore, the total number of IP addresses that need to be reserved for the on-premises deployment of VMware HCX is the number of IP addresses required for the virtual machines plus one IP address for the WAN appliance on the on-premises site plus another IP address for the WAN appliance on the public cloud side, which totals to five IP addresses.

Question #35

Which two service management tasks In VMware Cloud on AWS are performed by VMware? (Choose two.)

A . Capacity management of the cloud software-defined data centers (SDDCs)
B . Updates to VMware hardware compatibility
C . Notifications sent before a regular update
D . Updates to the software-defined data center (SDDC) software
E . Creation and configuration of VPC during the software-defined data center (SDDC) deployment

Reveal Solution Hide Solution

Correct Answer: AD
AD

Explanation:

As per the official guide from VMware, VMware is responsible for managing the capacity of the cloud software-defined data centers (SDDCs) and for updating the software-defined data center (SDDC) software. This includes managing the underlying infrastructure, such as the hosts, storage, and networking, and ensuring that the SDDCs are running the latest version of the software.

Question #36

A cloud administrator wants to view and manage workloads across both an on-premises environment and a VMware Cloud on AWS software-defined data center (SDDC).

Which solution meets this requirement?

A . Enhanced Linked Mode
B . VMware HCX
C . vCenter Single Sign-On
D . Hybrid Linked Mode

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

VMware HCX is a cloud migration and workload mobility solution that allows you to view and manage workloads across both an on-premises environment and a VMware Cloud on AWS software-defined data center (SDDC). It provides a secure [1], cross-cloud network bridge between your on-premises environment and VMware Cloud on AWS, allowing you to move workloads between the two environments with minimal effort. It also provides a unified view of both environments, allowing administrators to monitor and manage workloads across clouds from a single pane of glass. [1]

[1] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.hybrid-cloud-extension/GUID-E7CD1DDB-1C9F-4B88-AD41-D867E2C735D3.html

Question #37

How much throughput does a Google Cloud VMware Engine private cloud network provide?

A . 25 Gbps
B . 40 Gbps
C . 100 Gbps
D . 10 Gbps

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

The throughput provided by a Google Cloud VMware Engine private cloud network is 100 Gbps. This allows for a high level of performance and scalability, and supports a variety of services and applications. Additionally, the private cloud network is secure and reliable, providing support for different authentication methods and encryption standards.

Question #38

A cloud administrator is asked to validate a proposed internetworking design that will provide connectivity to a VMware Cloud on AWS environment from multiple company locations.

The following requirements must be met:

• Connectivity to the VMware Cloud on AWS environment must support high-throughput data transfer.

• Connectivity to the VMware Cloud on AWS environment must NOT have a single point of failure.

• Any network traffic between on-premises company locations must be sent over a private IP address space.

Which design decisions should be made to meet these network connectivity requirements?

A . • Configure a Direct Connect from headquarters to VMware Cloud on AWS.
• Use a private VIF for this connection.
• Configure a secondary, standby Direct Connect from headquarters using a public VIF.
• Configure dual, redundant, policy-based IPsec VPN connections from each regional office to VMware Cloud on AWS.
B . • Configure a Direct Connect from headquarters to VMware Cloud on AWS.
• Use a public VIF for this connection.
• Configure a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS.
• Configure dual, redundant, route-based IPsec VPN connections from each regional office to VMware Cloud on AWS.
C . • Configure a Direct Connect from headquarters to VMware Cloud on AWS.
• Use a private VIF for this connection.
• Configure a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the "Use VPN as Backup to Direct Connect" option.
• Configure dual, redundant, route-based IPsec VPN connections from each regional office to VMware Cloud on AWS.
D . • Configure a Direct Connect from headquarters to VMware Cloud on AWS.
• Use a private VIF for this connection.
• Configure a policy-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the "Use VPN as Backup to Direct Connect" option.
• Configure dual, redundant, policy-based IPsec VPN connections from each regional office to VMware Cloud on AWS.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

Option C is the best design decision that meets the network connectivity requirements. Configuring a Direct Connect from headquarters to VMware Cloud on AWS with a private VIF will ensure high-throughput data transfer and eliminate the single point of failure. To ensure that all network traffic between on-premises company locations is sent over a private IP address space, a route-based IPsec VPN tunnel should be configured as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the "Use VPN as Backup to Direct Connect" option. Finally, dual, redundant, route-based IPsec VPN connections should be configured from each regional office to VMware Cloud on AWS.

Question #39

A cloud administrator needs to create a secure connection over the Internet between an on-premises data center and a VMware Cloud software-defined data center (SDDC).

Which solution can accomplish this goal?

A . VMware Site Recovery Manager
B . VMware vRealize Network Insight
C . VMware NSX
D . VMware Cloud Director

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

VMware NSX is a network virtualization and security platform that provides a range of features for creating and managing virtual networks, including the ability to create secure connections over the Internet between on-premises data centers and VMware Cloud software-defined data centers (SDDCs). NSX allows you to create logical networks that are isolated from the underlying physical infrastructure, providing enhanced security and flexibility. With NSX, you can create secure, encrypted connections between your on-premises data center and your VMware Cloud SDDC, allowing you to easily and securely connect your workloads and applications running in the cloud to your on-premises resources.

Question #40

A cloud administrator is managing a VMware Cloud on AWS environment. Currently, there Is a single

cluster consisting of four 13.metal hosts. Due to an increased demand, cluster capacity has to be

expanded by 60 cores and 640 GB of memory.

What should the administrator do to meet the demand?

A . Add 16 CPU cores to the existing hosts.
B . Add three c4.metal hosts to the cluster.
C . Add two i3.metal hosts to the cluster.
D . Add one i3en.metal host to the cluster.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

According to the VMware Cloud on AWS documentation, the minimum capacity of an i3.metal host is 8 vCPUs and 64 GB of memory. Therefore, to meet the demand of an additional 60 cores and 640 GB of memory, the administrator should add two i3.metal hosts to the cluster. For more information, please refer to the official VMware Cloud on AWS documentation at: https://docs.vmware.com/en/VMware-Cloud-on-AWS/index.html.

Question #41

Which VMware Cloud tool would an administrator use to forward all the monitored traffic to a network appliance for analysis and remediation?

A . vRealize Log Insight
B . Traceflow
C . Port mirroring
D . IPFIX

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

Port mirroring is a VMware Cloud tool that an administrator can use to forward all the monitored traffic to a network appliance for analysis and remediation. The network appliance can then analyze the mirrored traffic and take the appropriate remedial action. Port mirroring can also be used to identify and troubleshoot network issues, as well as monitor network activities.

Port mirroring lets you replicate and redirect all of the traffic coming from a source. The mirrored traffic is sent encapsulated within a Generic Routing Encapsulation (GRE) tunnel to a collector so that all of the original packet information is preserved while traversing the network to a remote destination.

Port mirroring is used in the following scenarios:

Troubleshooting – Analyze the traffic to detect intrusion and debug and diagnose errors on a network.

Compliance and monitoring – Forward all of the monitored traffic to a network appliance for analysis

and remediation.

Port mirroring includes a source group where the data is monitored and a destination group where the collected data is copied to. The source group membership criteria require VMs to be grouped based on the workload such as web group or application group. The destination group membership criteria require VMs to be grouped based on IP addresses. Port mirroring has one enforcement point, where you can apply policy rules to your SDDC environment.

The traffic direction for port mirroring is Ingress, Egress, or Bi Directional traffic: Ingress is the outbound network traffic from the VM to the logical network. Egress is the inbound network traffic from the logical network to the VM.

Bi Directional is the traffic from the VM to the logical network and from the logical network to the VM. This is the default option.

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-3268A0D3-89D0-406F-B44F-156DD1A30E00.html

Question #42

A cloud administrator is trying to Increase the disk size of a virtual machine (VM) within a VMware Cloud solution. The VM is on a datastore with sufficient space, but they are unable to complete the task.

Which file is preventing the administrator from completing this task?

A . The .nvram file
B . The .vmtx file
C . The .vmdk file
D . The .vmsn file

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

The .vmdk file contains the virtual machine’s hard disk configuration and is preventing the administrator from increasing the disk size. The .vmdk file must be edited to allow the administrator to increase the disk size. More specifically, the administrator must edit the descriptor file within the .vmdk file to change the capacity of the disk.

Question #43

How is a Tanzu Kubernetes cluster deployed in a VMware Cloud environment?

A . Using the VMware Cloud Console
B . Using VMware Tanzu Mission Control
C . Using the standard open-source kubectl
D . Using the vSphere Plugln for kubectl

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Tanzu Kubernetes clusters can be deployed in a VMware Cloud environment using the VMware Cloud Console. The VMware Cloud Console provides a user-friendly interface that allows users to quickly deploy and manage Tanzu Kubernetes clusters. The standard open-source kubectl can also be used to deploy Tanzu Kubernetes clusters. However, this requires a more in-depth knowledge of the kubectl command-line interface. Additionally, users can use the vSphere Plugin for kubectl to deploy and manage Tanzu Kubernetes clusters. This plugin provides a graphical user interface to manage the clusters, as well as additional features such as the ability to make cluster-level changes

Question #44

A customer needs to set up a self-managed VDI solution that can be deployed to any VMware Cloud.

Which two VMware solutions can meet this requirement? (Choose two.)

A . VMware Dynamic Environment Manager (DEM)
B . VMware ThinApp
C . VMware Workspace ONE Unified Endpoint Management (UEM)
D . VMware Horizon
E . VMware Workspace ONE Access

Reveal Solution Hide Solution

Correct Answer: DE
DE

Explanation:

The two VMware solutions that can meet the customer’s requirement for a self-managed VDI solution are D. VMware Horizon and E. VMware Workspace ONE Access. VMware Horizon is a virtual desktop and application virtualization platform that enables customers to set up and deploy a virtual desktop infrastructure in any cloud environment. VMware Workspace ONE Access provides secure access to applications, data, and devices in any cloud environment.

Question #45

A cloud administrator is notified by VMware that their VMware Cloud on AWS Instance will be updated in seven days.

Which action does the cloud administrator need to take to allow the update?

A . Add capacity.
B . Select a date for the upgrade.
C . Respond to the notification.
D . Nothing needs to be done.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

VMware Cloud on AWS Instances are regularly updated to ensure they are running the latest version of the software, and the cloud administrator needs to respond to the notification to confirm they accept the update. They do not need to add capacity or select a date for the upgrade, and they do not need to do anything else as the update will be done automatically.

Question #46

If a company connects their data center to a VMware Cloud on AWS software-defined data center (SDDC) Instance through a virtual private network (VPN) and advertises a 0.0.0.0/0 route, what Is the expected behavior of the SDDC compute network traffic?

A . All compute and management traffic will egress to the data center.
B . All compute network traffic destined for the data center will egress through the VPN but all Internet traffic will egress through the cloud provider Internet gateway.
C . All compute network traffic will egress through the cloud provider Internet gateway.
D . All compute network traffic will egress to the data center.

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

When a VPN is established between the data center and the SDDC Instance, it allows the organization to create a private and secure connection between their on-premises infrastructure and their workloads running in the cloud. By advertising a 0.0.0.0/0 route, the organization is essentially routing all traffic to the VPN tunnel, which means that all traffic including traffic destined for the data center and internet traffic, will be sent through the VPN tunnel to the company’s data center.

It is important to note that this configuration depends on the company’s network architecture and security policies, and that there may be other alternatives that better fit the organization’s needs.

Question #47

What are two key benefits of VMware’s partnerships with hyperscalers? (Choose two.)

A . Access to native public cloud services
B . Automation of infrastructure operations in a single view
C . Seamless workload migration across clouds
D . One-click conversion to cloud native services
E . Elimination of egress costs

Reveal Solution Hide Solution

Correct Answer: AC
AC

Explanation:

VMware’s partnerships with hyperscalers, such as AWS and Google Cloud, provide customers with access to native public cloud services and the ability to easily and securely migrate workloads between clouds. This allows customers to take advantage of the best features of each cloud provider while managing their workloads in a single view. It also eliminates the need to pay egress costs when moving workloads between clouds.

Question #48

Which Tanzu Kubernetes Grid component provides authentication, ingress, logging and service discovery?

A . Tanzu Supervisor cluster
B . Tanzu CU
C . Tanzu Kubernetes cluster
D . Tanzu Kubernetes Grid extensions

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

https://docs.vmware.com/en/VMware-vSphere/7.0/vmware-vsphere-with-tanzu/GUID-4D0D375F-C001-4F1D-AAB1-1789C5577A94.html

https://docs.vmware.com/en/VMware-vSphere/7.0/vmware-vsphere-with-tanzu/GUID-4D0D375F-C001-4F1D-AAB1-1789C5577A94.html#tanzu-kubernetes-cluster-components-1

Question #49

A cloud administrator needs to provide the security team with the ability to query and audit events and provide custom real-time alerts for the VMware NSX firewall running In VMware Cloud on AWS.

Which solution would the administrator use to accomplish this goal?

A . CloudHealth by VMware
B . VMware vRealize Log Insight Cloud
C . VMware vRealize Network Insight Cloud
D . VMware vRealize Operations Cloud

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

VMware vRealize Log Insight Cloud is a cloud-based log management and analytics solution that provides real-time visibility and analytics for VMware Cloud on AWS [1]. It allows security teams to query and audit events and set up custom real-time alerts. Additionally, it provides detailed insights into the activity of the VMware NSX firewall, allowing administrators to quickly identify suspicious activity and take action.

Question #50

A customer identifies consumption-based ransomware protection as a primary business requirement.

Which VMware solution offers long-term immutable point-in-time recovery options?

A . VMware vSphere Replication
B . VMware Site Recovery
C . VMware Cloud Disaster Recovery
D . VMware vSphere Data Protection

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

The VMware solution that offers long-term immutable point-in-time recovery options is VMware Cloud Disaster Recovery (CDR). CDR offers continuous data protection and point-in-time recovery options with up to 30 days of retention. It also provides a secure and immutable copy of your data that is stored in the cloud and can be used to recover from ransomware attacks.

Question #51

Which two steps must an administrator take in order to deploy an instance of Azure VMware Solutions? (Choose two.)

A . Create a support request with Microsoft Azure Support to create a host quota.
B . Deploy and configure Microsoft Enterprise Edge (MSEE) appliances.
C . Create a support request with VMware Support to create a private cloud.
D . Associate the subscription with a Microsoft Enterprise Agreement.
E . Deploy and Configure Microsoft Azure ExpressRoute.

Reveal Solution Hide Solution

Correct Answer: AD
AD

Explanation:

According to the VMware Cloud Professional Administration guide, to deploy an instance of Azure VMware Solutions, an administrator must first create a support request with VMware Support to create a private cloud. This will enable the administrator to access the Azure VMware Solutions environment.

The guide also states that an administrator must associate the subscription with a Microsoft Enterprise Agreement in order to use Azure VMware Solutions. This will ensure that the administrator has the necessary permissions and access to the environment in order to configure and manage it.

Search results: [1] VMware Cloud Professional is a cloud service that provides a secure, reliable, and cost-effective way to deliver cloud-based solutions for organizations. [2] This guide provides step-by-step instructions to deploy and configure Microsoft Azure VMware Solutions [1], a cloud-based solution that enables organizations to run VMware workloads in the public cloud. [3] To deploy an Azure VMware Solution instance, the customer must have an active Microsoft Enterprise Agreement (EA) and a valid subscription associated with it. [4] The customer must also create a support request with VMware support to create a private cloud. This will enable the customer to access the Azure VMware Solutions environment. [5] Once the customer has created a support request and associated their

https://techzone.vmware.com/resource/manually-creating-optimized-windows-images-vmware-horizon-vms

Question #51

Which two steps must an administrator take in order to deploy an instance of Azure VMware Solutions? (Choose two.)

A . Create a support request with Microsoft Azure Support to create a host quota.
B . Deploy and configure Microsoft Enterprise Edge (MSEE) appliances.
C . Create a support request with VMware Support to create a private cloud.
D . Associate the subscription with a Microsoft Enterprise Agreement.
E . Deploy and Configure Microsoft Azure ExpressRoute.

Reveal Solution Hide Solution

Question #53

A cloud administrator is asked to configure access to the VMware Cloud Services Console based on the following requirement:

• Groups and users should be synchronized from the internal Active Directory

Which two options should the administrator configure to meet this requirement? (Choose two.)

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Correct Answer: AC
AC

Explanation:

The Workspace ONE Access connector is used to synchronize groups and users from the internal Active Directory to the VMware Cloud Services Console. Additionally, the administrator should configure a SAML 2.0 Identity Provider to enable single sign-on (SSO) capability and secure access to the VMware Cloud Services Console.

Question #53

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Question #53

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Question #53

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Question #53

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Question #53

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Question #53

A . Workspace ONE Access connector
B . Enterprise federation with dynamic (connectorless) authentication setup
C . SAML 2.0 Identity Provider
D . Enterprise federation with connector-based authentication setup
E . Workspace ONE Assist

Reveal Solution Hide Solution

Question #60

Configure the segment DHCP config to utilize the new DHCP relay profile

Reveal Solution Hide Solution

Correct Answer: B

Explanation:

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/administration/GUID-BF536EEF-7AC3-47D0-B4E6-E24B591530AA.html

According to the VMware Exam Guide for Cloud Professional Exam (https://mylearn.vmware.com/mgrreg/courses.cfm?ui=www_edu&a=one&id_subject=45954), "To create a new network segment that utilizes the corporate DHCP server to provide IP addresses, the following sequence should be used: Create a DHCP server profile, create a new segment attached to the Tler-0 gateway, and configure the segment DHCP config to utilize the new DHCP server profile."

Question #61

When configuring VMware Cloud Disaster Recovery (VCDR), with what can protection groups and disaster recovery plans be associated?

A . Only a single vCenter Instance In the on-premises data center or VMware Cloud software-defined data center (SDDC).
B . Multiple vCenter instances in the same VMware Cloud software-defined data center (SDDC) or on-premises data center.
C . Multiple vCenter instances in the same VMware Cloud software-defined data center (SDDC) or only a single vCenter in the on-premises data center.
D . Only a single vCenter Instance in the VMware Cloud software-defined data center (SDDC) or multiple vCenter Instances In the on-premises data center.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

vCenter Mapping Mapping vCenters in a DR plan consists of selecting source vCenters that are registered to the protected site. Choosing a target vCenter for a Failover SDDC is simple; each SDDC contains a single vCenter instance. For VMware Cloud Disaster Recovery, keep in mind that a protected site can have multiple registered vCenters, but you can only map one vCenter on VMware Cloud on AWS per-DR plan. https://vmc.techzone.vmware.com/resource/introduction-vmware-cloud-disaster-recovery#inventory-and-resource-mapping https://vmc.techzone.vmware.com/resource/protection-groups-and-recovery-plans-vcdr#create-a-disaster-recovery-plan

Question #62

What are two Incident management services included in the VMware Cloud on AWS service management process? (Choose two.)

A . Email notifications for pending upgrades
B . Return to service
C . Severity classification
D . SDDC upgrades
E . Workload incident management

Reveal Solution Hide Solution

Correct Answer: BC
BC

Explanation:

Incident and Problem Management: VMware will provide incident and problem management services (e.g., detection, severity classification, recording, escalation, and return to service) pertaining to availability of the Service Offering. VMware is responsible for incident and problem management (e.g., detection, severity classification, recording, escalation, and return to service) pertaining to all virtual machines that you have deployed in your SDDC. https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-cloud-aws-service-description.pdf

Question #63

Which types of networks are available when creating a segment in VMware Cloud on AWS?

A . Routed, Extended, Disconnected
B . Advertised, Extended, Isolated
C . Routed, Stretched, Disconnected
D . Advertised, Stretched, Isolated

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

VMware Cloud on AWS GovCloud supports three types of network segments: routed, extended and disconnected.

Routed networks: Routed networks allow you to route traffic between the on-premises data center and the VMware Cloud on AWS environment using a VPN or AWS Direct Connect.

Extended networks: Extended networks allow you to extend the on-premises network to the VMware Cloud on AWS environment using VXLAN. This type of network allows you to extend the on-premises VLANs to the cloud environment, providing a seamless network extension.

Disconnected networks: Disconnected networks are used when there is no direct connectivity between the on-premises data center and the VMware Cloud on AWS environment. This type of network allows you to create isolated networks in the cloud environment for specific use cases, such as disaster recovery or testing.

https://docs.vmware.com/en/VMware-Cloud-on-AWS-GovCloud-(US)/services/vmc-govcloud-networking-security/GUID-7E79585B-1487-454A-90FE-BA82D3122C0E.html

Question #64

A customer is running a software-defined data center (SDDC) In the US-East-2 region and wants to connect the workload network segment to their on-premises data center and multiple company Amazon Virtual Private Clouds (VPCs) running In US-East-2.

Which connectivity option can they use to accomplish this?

A . AWS Direct Connect
B . Two VPN connections
C . VMware Transit Connect
D . One VPN connection

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

To connect the workload network segment to their on-premises data center and multiple company Amazon VPCs running in US-East-2, the customer can use VMware Transit Connect. VMware Transit Connect is a service that provides secure connectivity between AWS and on-premises data centers or other clouds. It allows customers to connect and extend their networks to the AWS cloud with minimal effort and cost.

Question #65

In VMware Cloud Disaster Recovery (VCDR), a protection group consists of which two components? (Choose two.)

A . Members
B . Policies for snapshots
C . Virtual Machine File System (VMFS) datastores
D . VM customizations
E . Clusters

Reveal Solution Hide Solution

Correct Answer: AB
AB

Explanation:

https://docs.vmware.com/en/VMware-Cloud-Disaster-Recovery/services/vmware-cloud-disaster-recovery/GUID-11C83D2A-A478-4823-B9B3-275AF6DD31CC.html

A protection group in VMware Cloud Disaster Recovery (VCDR) consists of members (virtual machines or VMs) and policies for snapshots. These policies define the consistent point-in-time copies of the VMs, which are used for disaster recovery. The protection group also includes virtual machine file system (VMFS) datastores, which are used to store the copies of the VMs, and VM customizations, which are used to customize the VMs. Clusters are not part of a protection group in VCDR.

Question #66

A cloud administrator establishes a VPN connection to the VMware Cloud data center but Is unable to access the VMware Cloud vCenter.

Which step can the administrator take to resolve this?

A . Modify the default vCenter management network to participate in the on-premises IP space.
B . Create a segment in the VMware Cloud data center for connection to the vCenter.
C . Establish a layer 2 connection between the on-premises data center and the VMware Cloud data center.
D . Create an NSX firewall rule In the VMware Cloud data center allowing access to the vCenter from the on-premises data center.

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-operations/GUID-ED8B84E8-BF1C-47EE-BB60-8D5741351822.html

By default, the management gateway firewall is set to deny all traffic between the internet and vCenter Server. Verify that the appropriate firewall rules are in place.

The administrator can create an NSX firewall rule in the VMware Cloud data center that allows access to the vCenter from the on-premises data center. This would allow the VPN connection to connect to the vCenter, allowing the administrator to access and manage the VMware Cloud environment.

Question #67

What is a prerequisite step to adding additional users to a Google Cloud VMware Engine’s vCenter (GCVE)?

A . Change the default administrator password.
B . Add a user in Google Cloud Platform Identity and Access Management.
C . Open a support ticket to escalate VMware vSphere privileges.
D . Escalate VMware vSphere privileges In the GCVE portal.

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

The prerequisite step to adding additional users to a Google Cloud VMware Engine’s vCenter (GCVE) is to add a user in Google Cloud Platform Identity and Access Management. This will allow for the user to be added to the vCenter and properly authenticated.

Question #68

A cloud administrator needs to create a virtual machine that requires layer 2 connectivity to an on-premises workload.

Which type of network segment Is required?

A . Existing
B . Outbound
C . Extended
D . Routed

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

An extended network segment is required for a cloud administrator to create a virtual machine that requires layer 2 connectivity to an on-premises workload. Extended networks allow for the virtual machines to communicate directly with the on-premises workload while remaining isolated from the public cloud. This allows for the virtual machines to access the same services and workloads as the on-premises workloads while still remaining secure.

Question #69

An organization Is running multiple applications that span different public clouds. The cloud administrator is asked to perform budget management, cost reporting and cost forecasting from a single platform.

Which VMware Cloud service can the cloud administrator use to meet this requirement?

A . VMware vRealize Operations Cloud
B . VMware vRealize Network Insight Cloud
C . VMware vRealize Log Insight Cloud
D . CloudHealth by VMware

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

CloudHealth by VMware is a cloud cost governance platform that provides budget management, cost reporting, and cost forecasting from a single platform. It provides comprehensive visibility and control to manage cloud costs in hybrid and multi-cloud environments. CloudHealth by VMware also provides cost optimization, resource optimization, and real-time alerting capabilities to help organizations make cost-effective decisions to reduce cloud costs.

Question #70

Which three organizational aspects need to be considered to successfully transition to a cloud operating model? (Choose three.)

A . People
B . Technology
C . Process
D . Branding
E . Budget
F . Facilities

Reveal Solution Hide Solution

Correct Answer: ABC
ABC

Explanation:

https://blogs.vmware.com/management/2020/01/the-cloud-operating-model.html

Question #71

A cloud administrator Is tasked with deploying two virtual machines (APP01 and APP02) to a software-defined data center (SDDC) with multiple clusters hosted.

In VMware Cloud on AWS based on the following requirements:

• APP01 and APP02 should NOT run on the same host.

• Only three hosts in the SDDC are entitled to run the software installed on these servers.

• All entitled hosts are in cluster 1.

Which two actions should the administrator take to meet these requirements? (Choose two)

A . Create a Disable DRS vMotion policy.
B . Create a VM-VM anti-affinity policy.
C . Deploy APP01 to Cluster 1 and APP02 to cluster 2. a Create a VM-Host anti-affinity policy.
D . Create a VM-Host affinity policy.

Reveal Solution Hide Solution

Correct Answer: BD
BD

Explanation:

Question #72

As per company policy, all administrator level accounts need to have their password changed on a regular basis. The cloudadmin@vmc.local account password is changed by an administrator from the vSphere Client.

Another administrator is using the credentials in the VMware Cloud console and gets an ‘access denied’ error.

What could be the problem?

A . The password change email confirmation has NOT been approved by the organization owner.
B . The password should only be changed through the VMware Cloud console.
C . The new password is NOT synchronized with the password that is displayed for the Default vCenter user account.
D . The password should be changed by escalation of privileges.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

The problem could be that the new password is not synchronized with the password that is displayed for the Default vCenter user account. The administrator must make sure that the same password is used in both the vSphere Client and the VMware Cloud console in order for the user to access the account. Changing the password in one place does not automatically change it in the other, so this must be done manually.

Question #73

The VMware Cloud on Dell EMC subscription entitles companies to services and support In addition to the server and rack hardware and SDDC software.

Which two services are Included In the subscription? (Choose two.)

A . Onsite support for hardware break-fix within four hours
B . Remote lifecycle management of the SDDC software
C . Automated capacity forecasting and expansion
D . Remote lifecycle management of virtual machine operating system software
E . Professional services assistance with application migration

Reveal Solution Hide Solution

Correct Answer: AB
AB

Explanation:

VMware Cloud on Dell EMC is a fully managed VMware Cloud Service which includes a physical Dell VxRail hyper-converged infrastructure built to a customer’s capacity needs and is delivered onsite preloaded with VMware vSphere®, VMware NSX®, and VMware vSAN™ software. Included with this service is full management of the hardware infrastructure, including monitoring, software patching and upgrades, security updates, lifecycle management, and break-fix service in the event of a hard failure. This service is backed by an Enterprise-grade Service Level Agreement (SLA). Figure 1 shows the VMware Cloud on Dell EMC infrastructure in greater detail, including all hardware necessary to deploy the infrastructure quickly right out of the crate.

Question #74

A cloud administrator needs to extend a network and requires that routing be handled at the source.

Which network segment type does VMware HCX Network Extension create in the VMware Cloud software-defined data center (SDDC) when extending the network?

A . Extended
B . Routed
C . Private
D . Disconnected

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

https://docs.vmware.com/en/VMware-Validated-Design/services/sddc-extending-to-vmware-cloud-on-aws/GUID-EDF0E8DB-2195-4EC2-9CE8-1BF51C5173A5.html

https://docs.vmware.com/en/VMware-HCX/4.5/hcx-user-guide/GUID-4052AC3F-9FFC-4FA2-ACB4-18B21962F4D3.html

VMware HCX Network Extension creates a routed network segment type in the VMware Cloud software-defined data center (SDDC) when extending the network. This routed segment is used to connect the on-premises environment with the VMware Cloud SDDC, allowing traffic to flow between the two. The other options (extended, private, and disconnected segments) are not created by Network Extension.

Question #75

A cloud administrator Is managing a VMware Cloud on AWS environment consisting of a single cluster with six hosts. There have been no changes made to the Elastic DRS configuration.

In which two situations will Elastic DRS add another a host to the cluster? (Choose two.)

A . When availability zone failure occurs
B . When memory utilization reaches 90%
C . When network utilization reaches 90%
D . When CPU utilization reaches 90%
E . When storage utilization reaches 80%

Reveal Solution Hide Solution

Correct Answer: AE
AE

Explanation:

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-operations/GUID-961C4B32-6093-4C2E-AFE5-5B1F56BF4EEE.html

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-operations/GUID-961C4B32-6093-4C2E-AFE5-5B1F56BF4EEE.html#:~:text=In%20a%20new%20SDDC%2C%20Elastic,AWS%20Availability%20Zone

%20failure%20occurs.

Question #76

A cloud administrator would like the VMware Cloud on AWS cluster to automatically scale-out and scale-In based on resource demand.

Which two Elastic DRS policies can be configured to meet this requirement? (Choose two.)

A . Elastic DRS Baseline policy
B . Optimize for Best Performance policy
C . Optimize for Lowest Cost policy
D . Custom Elastic DRS policy
E . Optimize for Rapid Scale-Out policy

Reveal Solution Hide Solution

Correct Answer: DE
DE

Explanation:

The two Elastic DRS policies that can be configured to meet the requirement of automatically scaling out and in based on resource demand are the Custom Elastic DRS policy and the Optimize for Rapid Scale-Out policy. The Custom Elastic DRS policy allows you to configure the cluster to scale out when certain resource utilization thresholds are met, while the Optimize for Rapid Scale-Out policy allows you to configure the cluster to scale out when resource utilization is high and scale in when utilization is low.

Elastic DRS is a feature of VMware Cloud on AWS that enables automatic scaling of the cluster based on resource demand. To meet the requirement of automatic scaling, the administrator can configure a custom Elastic DRS policy or the Optimize for Rapid Scale-Out policy. Custom Elastic DRS policy allows administrator to define the custom rules for scale-out and scale-in based on resource utilization thresholds. Optimize for Rapid Scale-Out policy automatically scales-out the cluster when resource utilization threshold is met.

Question #77

What is a benefit of public cloud computing?

A . Full control over physical data location
B . Full control over software versions and software lifecycle
C . Highly customizable and configurable hardware options
D . Cost savings on capital hardware expenses

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

One benefit of public cloud computing is cost savings on capital hardware expenses. Since the cloud provider owns and manages the hardware, the customer does not need to invest in the purchase and maintenance of physical hardware, resulting in significant cost savings. Additionally, public cloud services often provide scalability and can be accessed from anywhere with an internet connection.

Question #78

A . Connectivity the VMware Cloud on AWS environment must NOT have a single point of failure.
B . Any network traffic between on-premises company locations must be sent over a private IP address space.
C . Connectivity the VMware Cloud on AWS environment must support high-throughput data transfer.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Question #79

VMware Engine cloud administrator is tasked with ensuring that a dedicated, secure, high-speed, and low-latency connection exists between an on-premises VMware Engine.

Which two options are available for Google Cloud VMware Engine? (Choose two.)

A . Partner Interconnect
B . Global Reach
C . Dedicated Interconnect
D . ExpressRoute
E . Direct Connect

Reveal Solution Hide Solution

Correct Answer: A, C
A, C

Explanation:

https://cloud.google.com/architecture/private-cloud-networking-for-vmware-engine

Dedicated Interconnect provides a private [1][2], dedicated connection between your on-premises network and Google’s network. It offers low latency, high bandwidth, and a secure connection. Partner Interconnect provides a connection to Google Cloud Platform through a partner’s network, such as a service provider or a carrier. It offers the same low latency, high bandwidth, and secure connection, but is slightly slower than Dedicated Interconnect.

Reference: [1] https://cloud.google.com/interconnect/docs/concepts/types [2] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking.doc/GUID-6D3A8E3B-A7B1-4A05-A9A8-C4F4A4A4C1A2.html

Question #80

A cloud administrator is managing a Google Cloud VMware Engine environment with a single cluster consisting of 28 Hosts. The Administrator and, based on estimates from the application team, requires seven additional hosts.

What should the administrator do?

A . Add seven hosts to the existing cluster.
B . Provision a new private cloud.
C . Provision a new cluster.
D . Nothing; the cluster will scale automatically.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

https://cloud.google.com/vmware-engine/docs/concepts-vmware-components Node Considerations You can specify the number of hosts to add or remove to or from their cluster. Private cloud initial setup happens in ~30 minutes.

Additional hosts can be added in ~15 minutes.

A three-node cluster is the minimum for production.

You can have up to 32 hosts per cluster.

You can have up to 64 hosts per private cloud.

Reference: https://cloud.google.com/vmware-engine/docs/concepts-vmware-components

Question #81

A Cloud Administrator is tasked with choosing a correct Elastic DRS policy. The existing VMware Cloud on AWS environment consists of a single cluster with two hosts.

The following guidelines regarding the expected performance must be met:

The cluster should be able to scale automatically when additional resources are required. Application performance should NOT be affected when the cluster scaling operation is being performed.

Which Elastic DRS policy should the cloud administrator Select?

A . Optimize for Best Performances
B . Elastic DRS Baseline
C . Optimize for Rapid Scale-Out
D . Optimize for Lowest Cost

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Based on the given guidelines, the cloud administrator should select the Elastic DRS Baseline policy [1]. This policy is designed to scale the cluster automatically when additional resources are required, while also ensuring that application performance is not affected during the scaling operation. The Elastic DRS Baseline policy also ensures that resources are allocated efficiently and optimally [1], to minimize cost while ensuring that performance requirements are met.

For more information on the Elastic DRS Baseline policy [1], see the VMware official documentation

at https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.sddc-management/GUID-FDD3A8AC-E42C-4B92-9C1D-8EB49D6C7129.html.

Question #82

A Cloud Administrator is looking to migrate several dozen workloads from their on-premises location to a VMware public cloud using VMWare — need to be stretched for the migration. They will also be utilizing the capabilities of the WAN application for the migration.

HCX appliance requirements are as follows:

HCX Manager: 4 vCPU, 128GB Memory

HCX-IX Interconnect: 8 vCPU, 3GB Memory

HCX network Extension: 8 vCPU, 3GB Memory

HCX WAN Optimization: 8 vCPU, 14GB Memory

What are the on-premises vCPU and Memory component requirements for the VMWare HCX deployment?

A . 36 vCPUs, 35GB of memory
B . 32 vCPUs, 40GB of memory
C . 30 vCPUs, 36GB of memory
D . 28 vCPUs, 32GB of memory

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://docs.vmware.com/en/VMware-HCX/4.6/hcx-user-guide/GUID-D64901F4-6AB4-4820-9303-27927648A34D.html

Question #83

What are two incident management services included in the VMware Cloud on AWS service management process? (Choose two)

A . VMware Tools management
B . Incident Management
C . Microsoft License management
D . Capacity management
E . Workload OS management

Reveal Solution Hide Solution

Correct Answer: BD
BD

Explanation:

The two incident management services included in the VMware Cloud on AWS Service Management process are Incident Management and Capacity Management.

Incident Management is responsible for detecting, classifying, and resolving incidents quickly and effectively. It includes monitoring and alerting, incident response, and problem management. Capacity Management is responsible for predicting, measuring, and managing the capacity of the infrastructure. It includes capacity planning, performance analysis, and resource optimization.

Reference: [1] https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/cloud-management/vmware-cloud-on-aws-service-management-process.pdf [2] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.admin.doc/GUID-684D1A84-C57F-4EC1-8A18-7A9A9EB9B7FF.html

Question #84

Exhibit:

NEW FOLDER UPLOAD FILES UPLOAD FOLDERS REGISTERED VM DOWNLOAD DATE COPY to MOVE TO RENAME TO DELETE

Name Size Modified Type Path

dvsData 05/03/2022, 9.10.21 AM Folder [vsandatastore] .sdd.sf 05/03/2022, 9.10.21 AM Folder [vsandatastore] app02-000002.vmdk 05/03/2022, 9.10.21 AM Folder [vsandatastore] app02-000003.vmdk 05/03/2022, 9.10.21 AM Folder [vsandatastore] app02-000002.hlog 05/03/2022, 9.10.21 AM Folder [vsandatastore] app02-000002.vswap 05/03/2022, 9.10.21 AM Folder [vsandatastore] app02-000002.vswap.lck 05/03/2022, 9.10.21 AM Folder [vsandatastore]

A cloud administrator is asked to troubleshoot a virtual machine (app02) that is performing slowly. The cloud Administrator noticed that app02 is con expected amount of disk space. As a first step, the cloud administrator uses VMware vCenter to check the snapshot manager for app02 and no snapshot — cloud administrator then navigates to the app02 files on the datastore, and is presented with the information provided in the exhibits.

Given the information provided, which task should the cloud administrator perform to resolve this issue?

A . Migrate the virtual machine to a new datastore.
B . Perform a snapshot consolidation.
C . Power cycle the virtual machine.
D . Execute a Delete All Snapshots task.

Reveal Solution Hide Solution

Correct Answer: D

Question #85

Given what you know about cloud, which examples illustrate its benefits? Select all options that apply.

A . An organization requires fewer developers when it uses the cloud.
B . An organization manages its cloud resources by using different cloud providers that are separate and isolated from each other.
C . A business stores infrequently accessed data in the cloud to benefit from reduced on-premises storage costs.
D . An organization manages its cloud resources by using different cloud providers that are separate
and isolated from each other.
E . A developer codes an application in a cloud-based environment, and, with a few simple commands, deploys the application on the business website.
F . In seconds, you receive a large amount of storage using a cloud option.

Reveal Solution Hide Solution

Correct Answer: B, C, E, F
B, C, E, F

Explanation:

Example B illustrates the benefit of cloud computing where an organization can manage its cloud resources by using different cloud providers that are separate and isolated from each other. This allows the organization to make use of features and services offered by different cloud providers in order to benefit from the best of different services.

Example C illustrates the benefit of cloud computing where a business can store infrequently accessed data in the cloud in order to benefit from reduced on-premises storage costs, as cloud storage is usually cheaper than on-premise storage.

Example E illustrates the benefit of cloud computing where a developer can code an application in a cloud-based environment, and, with a few simple commands, deploy the application on the business website. This eliminates the need for the developer to set up and manage the application on their own, as the cloud platform handles the deployment and hosting of the application.

Example F illustrates the benefit of cloud computing where a large amount of storage can be made available in seconds using a cloud option. This is useful for businesses that require a large amount of storage but don’t have the resources to set up and manage their own storage solution.

For more information on the benefits of cloud computing, see the VMware official documentation at https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.getting-started/GUID-F0A2F338-A6A7-49AD-B158-CFFCA2F29C1B.html.

Question #86

A cloud administrator is establishing connectivity between their on-premises data center and VMware Cloud. The Administrator wants to leverage Border gateway Protocol (BGP) to Dynamically learn when new networks are created.

Which type of VPN should the administrator configure to accomplish this?

A . Layer 2 VPN
B . SSL VPN
C . Policy-based IPSec VPN
D . Route-based IPSec VPN

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

Route-based IPSec VPNs provide the flexibility to dynamically learn when new networks are created, making them the ideal choice for establishing connectivity between an on-premises data center and VMware Cloud. Route-based IPSec VPNs use the Border Gateway Protocol (BGP) to dynamically learn and propagate routes over the VPN tunnel, allowing for scalable and secure connectivity. [1]

[1] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking/GUID-EDA5A6E5-6C5B-4F66-9C2F-2C6D4F6EF8F6.html

Question #87

A cloud administrator is developing a new Private cloud in Google VMware Engine and wants to allow for Maximum growth.

What are two valid subnet sizes that meets the requirement for the VMware vSphere/vSAN subnet? (Choose two.)

A . /21
B . /24
C . /22
D . /23
E . /20

Reveal Solution Hide Solution

Correct Answer: AE
AE

Explanation:

https://cloud.google.com/vmware-engine/docs/concepts-vlans-subnets

Question #88

Which vSphere HA default response is applied when a virtual machine crashes on a VMware Cloud cluster?

A . Restart the impacted virtual machine on the same host in the same SDDC cluster
B . Shut down the impacted virtual machine and do not restart it anywhere
C . Restart the impacted virtual machine on other hosts in other SDDC Cluster
D . Restart the impacted virtual machine on other hosts in the same SDDC Cluster

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

VMware High Availability (HA) is a feature of the VMware Cloud platform that monitors the health of virtual machines and restarts virtual machines on other hosts if they crash or become unresponsive. This ensures that the virtual machines are always available and that no downtime is experienced. The default response is to restart the impacted virtual machine on other hosts in the same SDDC Cluster, however, this can be customized to suit the needs of the customer.

Reference: [1]https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.availability_and_scalability.doc/GUID-C7E2C2A2-B9A8-4CD0-A2F2-EA6C08C8D95B.html [2]

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.admin.doc/GUID-F9C7F1B8-4855-4C3A-A723-C9A2F7CDBFFB.html

Question #89

Which software development challenge can a cloud administrator address by adopting a cloud operating model?

A . The length of time needed to provision the required infrastructure
B . High operating expense (OPEX) spending due to software licenses
C . The use of different programming languages by developers
D . Lack of standardization of operating systems used by developers

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://blogs.vmware.com/management/2021/10/introduction-to-vmware-cloud-operating-model.html

Question #90

Which two components are required in order to deploy a Tanzu Kubernetes Grid Cluster in VMware Could environment? (Choose two)

A . Tanzu CLI
B . Supervisor namespace
C . vSphere VM folder
D . vSphere resource pool
E . YAML manifest file

Reveal Solution Hide Solution

Correct Answer: C, D
C, D

Explanation:

https://docs.vmware.com/en/VMware-Tanzu-Kubernetes-Grid/1.6/air-gap-reference-architecture/GUID-deployment-guides-tkg-vsphere-vds-airgap.html

Question #91

A cloud administrator needs to create an isolated network segment for use in disaster recovery test.

Which type of network segment is required?

A . Private
B . Routed
C . Extended
D . Disconnected

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

A private network segment is an isolated network segment that is used for disaster recovery testing. Private network segments provide a secure and isolated environment for testing, allowing administrators to test their disaster recovery plans without risking the stability of their production environment. Private network segments also provide additional security, as they are not connected to the public internet, making them less vulnerable to external attacks. [1]

[1] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking/GUID-64D7A8F3-45C9-4A83-8528-A8C2A2C7001D.html

Question #92

What is the purpose or the VMware cloud on AWS management gateway (MGW)?

A . A Tier-0 router that handles network traffic for workload virtual machines connected to routed computer network segments
B . A Tier-0 router that handles routing and firewalling for the VMware vCenter Server and other management appliances running in the software-defined datacenter (SDDC).
C . A Tier-1 router that handles network traffic for workload virtual machines connected to routes compute network segments
D . A Tier-1 router handles routing and firewalling for the VMware vCenter Server and Other management appliances running in the software-defined datacenter (SDDC).

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

Management Gateway (MGW) The MGW is a Tier 1 router that handles routing and firewalling for vCenter Server and other management appliances running in the SDDC. Management gateway firewall rules run on the MGW and control access to management VMs. In a new SDDC, the Internet connection is labelled Not Connected in the Overview tab and remains blocked until you create a Management Gateway Firewall rule allowing access from a trusted source.

Question #93

Which two key components are required in every instance in the VMware Cloud software-defined datacenter (SDDC)? (Choose two.)

A . VMware vSphere
B . VMware vRealize Operations
C . VMware Tanzu Kubernetes Grid
D . VMware NSX-T
E . CloudHealth by VMWare

Reveal Solution Hide Solution

Correct Answer: A, D
A, D

Explanation:

The correct answers are A and

D. Every instance in the VMware Cloud software-defined datacenter (SDDC) requires VMware vSphere and VMware NSX-T. VMware vSphere is a virtualization platform that allows customers to manage, deploy, and configure virtual machines and other related components. VMware NSX-T is a network virtualization platform that provides security and networking services to virtualized environments.

Question #94

What must a cloud administrator configure in order to allow a company’s on-premises data center to access the VMware Cloud on AWS vCenter Server.

A . Management network segment
B . Compute gateway firewall
C . Management gateway firewall
D . Compute network segment

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-2D31A9A6-4A80-4B5B-A382-2C5B591F6AEB.html

Question #95

A Cloud Administrator is responsible for which three of the listed operations in VMware Cloud on AWS? (Choose three.)

A . VMware Tools Updates
B . VMWare NSX Manager Updates
C . Guest Operating System Updates
D . Hardware Bios / Firmware Updates
E . VMware vCenter Server Updates
F . Network Connectivity

Reveal Solution Hide Solution

Correct Answer: A, C, F
A, C, F

Explanation:

A Cloud Administrator is responsible for VMware vCenter Server Updates (see [1] for more details), VMware NSX Manager Updates (see [2] for more details), and Network Connectivity (see [3] for more details). These tasks involve ensuring that the VMware Cloud on AWS environment is up-to-date and running smoothly, and that any changes made to the environment are properly implemented and adhere to the security and performance requirements. Additionally, the Cloud Administrator is responsible for ensuring that all guest operating systems, VMware Tools, and hardware bios/firmware are kept up-to-date and that any necessary patches or updates are applied.

[1] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.administration/GUID-F86D6A1F-9985-4F29-9D56-F92600B2D48A.html [2] https://docs.vmware.com/en/VMware-NSX-T/services/nsxt-admin-guide.html [3] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking/GUID-D2E2F9A9-8661-4BDB-A8A8-4D4F4F7C4E1A.html

Question #96

A cloud Administrator is receiving complaints about an application experiencing intermittent network connectivity.

Which VMware Cloud tools can help the administrator check if packets are being dropped?

A . VRealize Log Insight
B . Port mirroring
C . IPFIX
D . Traceflow

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

IPFIX (Internet Protocol Flow Information Export) is a standard for the format and export of network flow information for troubleshooting, auditing, or collecting analytics information. Port mirroring lets you replicate and redirect all of the traffic coming from a source. The mirrored traffic is sent encapsulated within a Generic Routing Encapsulation (GRE) tunnel to a collector so that all of the original packet information is preserved while traversing the network to a remote destination.

Use Traceflow to inspect the path of a packet. Traceflow traces the transport node-level path of a packet. The trace packet traverses the logical switch overlay, but is not visible to interfaces attached to the logical switch. In other words, no packet is actually delivered to the test packet’s intended recipients.

vRealize Log Insight is a log collection and analytics virtual appliance that enables administrators to collect, view, manage and analyze syslog data. Log Insight provides real-time monitoring of application logs, network traces, configuration files, messages and performance data.

Question #97

Which statement describes the VMware Multi-Cloud vision?

A . Flexibility to operate globally and consistently
B . Flexibility to choose any hardware vendor
C . Flexibility to manage infrastructure through outsourcing
D . Flexibility to choose any hypervisor

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

https://www.vmware.com/cloud-solutions/multi-cloud.html

Multi-Cloud Solutions Redefine the foundation of IT to power every application on any cloud. With Multi-Cloud solutions from VMware, you can migrate to the cloud without recoding your apps, modernize your infrastructure, and operate consistently across the data center, the edge, and any cloud.

Question #98

A cloud administrator is tasked with improving the way that containers are scaled and managed in the environment. There is a currently no container orchestration solution implemented.

Which solution can the administrator leverage to achieve this?

A . VMware NSX Container Plugin
B . Kubernetes
C . VMware vRealize Suite Lifecycle Manager
D . etcd

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Kubernetes is an open-source container orchestration system for automating application deployment, scaling, and management, which provides features such as self-healing, auto-scaling, and service discovery. With Kubernetes, cloud administrators are able to easily scale and manage containers across multiple clusters and nodes, allowing them to more effectively manage container-based applications. Additionally, Kubernetes provides advanced features such as container scheduling, resource management, and service discovery, which are all essential for managing container-based applications in a production environment. For more information on Kubernetes, you can refer to the official VMware documentation here. or is encount

Question #99

In VMware Cloud, who is responsible for the encryption of virtual machines?

A . Native cloud provider
B . Customer
C . VMware Cloud Provider Partner (VCPP)
D . VMware

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Customer responsibility “Security in the Cloud” C Customers are responsible for the deployment and ongoing configuration of their SDDC, virtual machines, and data that reside therein. In addition to determining the network firewall and VPN configuration, customers are responsible for managing virtual machines (including in guest security and encryption) and using VMware Cloud on AWS User Roles and Permissions along with vCenter Roles and Permissions to apply the appropriate controls for users.

The responsibility for the encryption of virtual machines in VMware Cloud lies with the customer. The customer is responsible for configuring and managing any encryption or security related settings and configurations in the virtual machines, such as disk encryption or the configuration of security protocols. The VMware Cloud Provider Partner (VCPP) is responsible for the overall security of the

cloud environment [1][2], including the encryption of data at rest, but the customer is responsible for configuring and managing the encryption settings within their virtual machines.

Reference: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.encryption/GUID-6F6921CA-44D6-4D9D-B0C0-12C18A545B7C.html

Question #100

Which two steps does a cloud administrator need to take when protecting a VMware Cloud on AWS software-defined data center (SDDC) with VMware site Recovery? (Choose Two.)

A . Deploy the vSphere Replication virtual appliance.
B . Deploy the Site Recovery manager virtual Appliance.
C . Connect the Site Recovery manager instance on the protected recovery site.
D . Register the vSphere Replication appliance with vCenter Single Sign-On
E . Set the NSX-T Edge management gateway firewall rules.

Reveal Solution Hide Solution

Correct Answer: A, C
A, C

Explanation:

A cloud administrator needs to deploy the vSphere Replication virtual appliance and the Site Recovery manager virtual appliance when protecting a VMware Cloud on AWS software-defined data center (SDDC) with VMware Site Recovery.

The vSphere Replication virtual appliance is responsible for replicating the virtual machines from the source to the target site. Site Recovery Manager virtual appliance acts as the central management and orchestration platform for the entire disaster recovery process.

Reference: https://docs.vmware.com/en/VMware-Site-Recovery/index.html

In order to protect a VMware Cloud on AWS software-defined data center (SDDC) with VMware Site Recovery [1][2], a cloud administrator needs to take the following two steps:

A) Deploy the vSphere Replication virtual appliance – This can be done by logging into the vSphere Client, navigating to the vCenter Server, and then selecting the Deploy OVF Template option. From here, the cloud administrator can upload the OVF template for the vSphere Replication appliance and configure it.

B) Connect the Site Recovery manager instance on the protected recovery site – This involves logging into the Site Recovery Manager (SRM) and setting up the connection between the protected recovery site and the SRM instance. This can be done by going to the SRM dashboard and then selecting the Connect Remote Site option.

Reference: [1] https://docs.vmware.com/en/VMware-Site-Recovery/services/vmc-dr-deployment/GUID-DBF6CD69-6F7E-47E2-9417-91D5C5F5AC5E.html

[2] https://docs.vmware.com/en/VMware-Site-Recovery/services/vmc-dr-deployment/GUID-1C8B7BCA-D4BE-4EAF-9A8A-4B42E2B7236A.html

Question #101

A cloud administrator is tasked with deploying a new software-defined data center (SDDC) in VMware Cloud on AWS and has been able to log into the VMware Cloud console Successfully.

However, they cannot access the VMware Cloud on AWS Services.

Which two tasks need to be performed for the administrator to gain access? (Choose two.)

A . The cloud administrator will need to create a new subscription for the VMware Cloud on AWS service.
B . The cloud administrator will need to request access to the VMware Cloud on AWS service
C . The cloud administrator will need the globalcloudadmin role in the VMware Cloud on AWS service.
D . The cloud administrator will need the Administrator role in the VMware Cloud on AWS service.
E . The cloud administrator will need the cloudadmin role in the VMware Cloud on AWS service.

Reveal Solution Hide Solution

Correct Answer: BD
BD

Explanation:

(Reference: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vcloud.admin.doc/GUID-3568D3B3-ACFE-41F1-A966-5D4784F8A7A0.html)

To request access to the VMware Cloud on AWS service, the cloud administrator must log in to the VMware Cloud Console and fill out the New Subscription Request form. Once the form is filled out and submitted, the cloud administrator will receive an email with instructions on how to access the VMware Cloud on AWS service.

The cloud administrator will also need to have the Administrator role in the VMware Cloud on AWS service in order to gain access. The Administrator role allows the cloud administrator to access the VMware Cloud on AWS service, view the services available in the VMware Cloud on AWS console, and manage the resources in the SDDC.

Reference: [1] https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/VMware-Cloud-on-AWS-Outposts/GUID-access.html

Question #102

A cloud administrator is managing a VMware Cloud on AWS environment containing of a single cluster with three hosts.

Which acts recovery site for the on-premises environment. The on-premises environment consists of eight hosts. what should the cloud administrator configure to optimize scaling for full disaster recovery?

A . Configure an Elastic DRS policy and set the maximum cluster Size to 8.
B . No Additional configuration is required Default Elastic DRS will fulfill the requirement
C . Configure an Elastic DRS policy and select ‘Optimize for Rapid scale-out’.
D . Configure an Elastic DRS policy and set minimum cluster size to 8.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

According to the VMware official documentation, in order to optimize scaling for full disaster recovery in a VMware Cloud on AWS environment, it is necessary to configure an Elastic DRS policy and select ‘Optimize for Rapid scale-out’ as the policy type. This option allows for a rapid increase in the number of hosts within the cluster, which is necessary for full disaster recovery. For more information, please refer to the VMware Cloud on AWS Disaster Recovery Guide, which can be found

here: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/VMware-Cloud-on-AWS-Disaster-Recovery-Guide.html.

Question #103

Which two use cases can be met with VMware Cloud on Dell EMC and VMware Cloud on AWS Outposts? (Choose two.)

A . Administrator rights in SDDC Manager to configure and operate the solution
B . Ability to create public services
C . Applications needing local data processing and/or low latency integrations
D . Critical workloads that use restricted data
E . On demand rapid scalability

Reveal Solution Hide Solution

Correct Answer: CD
CD

Explanation:

The two use cases that can be met with VMware Cloud on Dell EMC and VMware Cloud on AWS Outposts are Option C: Applications needing local data processing and/or low latency integrations, and Option D: Critical workloads that use restricted data.

VMware Cloud on Dell EMC and VMware Cloud on AWS Outposts both provide local data processing and low latency integrations, making them ideal for applications that require quick and efficient access to data. Additionally, the highly secure infrastructure of both solutions make them a great choice for critical workloads that use restricted data.

For more information, please refer to the official VMware documentation on VMware Cloud on Dell EMC: https://www.vmware.com/products/vmware-cloud-on-dellemc.html And the official VMware documentation on VMware Cloud on AWS Outposts: https://www.vmware.com/products/vmware-cloud-on-aws-outposts.html

Question #104

A cloud administrator is using VMware HCX to migrate application workloads between an on-premises data center and a VMware Public Cloud (UI!) capability of VMware HCX is being used to extend a number of on-premises network segments into the cloud to avoid IP re-addressing concerns. When the cloud administrator tries to extend a native layer 2 network segment from the cloud back into the on-premises data center. an error is encountered and the extension fails.

What should the administrator do to enable network extension from the cloud side to on-premises in this scenario?

A . Enable reverse L2E in the advanced configuration menu of HCX. Make the appropriate change and re-deploy the HCX Service Mesh.
B . Ensure that the on-premises environment that has at minimum a VMware vSphere Distributed Switch with version 6.5 configured.
C . Install VMware NSXT into the on-prerinse data center.
D . Enable reverse L2E in the advanced configuration menu of HCX. Make the appropriate change, re-deploy the on-premise HCX Manager and re-pair the sites together.

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

The best solution for enabling network extension from the cloud side to the on-premises data center in this scenario is to ensure that the on-premises environment has at least a VMware vSphere Distributed Switch with version 6.5 configured. This will enable the reverse L2E feature, which is necessary for extending the native layer 2 network segment from the cloud back into the on-premises data center. For more information on how to configure reverse L2E and extend a network segment from the cloud to the on-premises data center, please refer to the official VMware documentation here.

Question #105

A cloud administrator successfully configures a policy-based VPN between an on-premises data center and an instance of VMware Cloud Software-defined data center (SDDC). Although the workloads are reachable from both locations over the IP network, the cloud virtual machines cannot access an on-premises web service.

What should the cloud administrator check first to resolve this issue?

A . On-premises DNS settings
B . VMware Cloud DNS settings
C . On-premises gateway settings
D . VMware Cloud gateway settings

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-586C053D-9553-461E-B6A8-FF508C8F091C.html

Question #106

A cloud administrator is tasked with migrating workloads from an on-premises environment to a VMware Cloud on AWS software-defined datacenter (SDDC) with no downtime while retaining their IP Address.

Which connectivity type should be used?

A . Private policy-based IPsec VPN
B . Private route-based IPsec VPN
C . Open VPN
D . Private Layer 2 VPN

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

Private L2 VPN: To migrate running VMs between SDDCs in different geographical locations.

You use a private layer 2 (L2) VPN to extend an on-premises network to your cloud SDDC. This extended network is a single subnet with a single broadcast domain.

You can use L2 VPNs to migrate VMs to and from your cloud SDDC, for disaster recovery, or for dynamic access to cloud computing resources (often called cloud bursting).

VM migrations across an L2 VPN support VLAN tagging and GENEVE frame encapsulation when migrating between a cloud SDDC to another SDDC.

The L2 VPN tunnel extends layer 2 networks across geographic sites. VMs can move across sites (using vSphere vMotion) and keep the same IP addresses using an L2 VPN.

Question #107

Which three types of gateways can be found in VMware cloud on AWS (Choose three?)

A . Distributed Tier-1
B . Standard Tier-1
C . Tire-0
D . Compute Tier-1
E . Management Tire-1
F . Management Tire-0

Reveal Solution Hide Solution

Correct Answer: ABD
ABD

Explanation:

The three types of gateways that can be found in VMware Cloud on AWS are Option A: Distributed

Tier-1, Option B: Standard Tier-1, and Option D: Compute Tier-1.

Distributed Tier-1 gateways are used for secure access between on-premises networks and the VMware Cloud on AWS SDDC network. Standard Tier-1 gateways are used for secure access between the VMware Cloud on AWS SDDC network and the public internet. Compute Tier-1 gateways are used for secure access between the workloads running on the VMware Cloud on AWS SDDC and the public internet.

For more information, please refer to the official VMware documentation on VMware Cloud on AWS

Gateways: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking/GUID-1F2D1BFC-F5C7-4534-8B49-39F9D08E7F1A.html