VMware 5V0-31.22 VMware Cloud Foundation Specialist (v2) Exam Practice Test

Page: 1 / 14
Total 117 questions
Question 1

An architect is designing networking for a developer-ready infrastructure on VMware Cloud Foundation. During the discussion with the network team, a question comes up about the use of a routable CIDR range.

Which item uses this type of range?



Answer : C

This is because an ingress is a Kubernetes resource that exposes HTTP and HTTPS routes from outside the cluster to services within the cluster1. An ingress can use a routable CIDR range to assign IP addresses to the ingress controllers that handle the traffic routing.

https://docs.vmware.com/en/VMware-Cloud-Foundation/services/vcf-developer-ready-infrastructure-v1/GUID-AF178A31-D09A-4265-89FD-5987D1B36757.html


Question 2

Which type of IP subnets are required when enabling Workload Management in VMware Cloud Foundation?



Answer : A

https://docs.vmware.com/en/VMware-Cloud-Foundation/5.0/com.vmware.vcf.vxrail.doc/GUID-E8D0A432-8573-4DF5-9330-A4FE15F74128.html

Prerequisites

A VI workload domain must be deployed.

An Workload Management ready NSX Edge cluster must be deployed on the workload domain.

You must select Workload Management on the Use Case page of the Add Edge Cluster wizard. See step 6 in Deploy an NSX Edge Cluster.

All hosts in the vSphere cluster for which you enable Workload Management must have a vSphere with Tanzu license.

Workload Management requires a vSphere cluster with a minimum of three ESXi hosts.

The following IP address subnets must be defined:

A non-routable subnet for pod networking, minimum of a /22 subnet.

A non-routable subnet for Service IP addresses, minimum of a /24 subnet

A routable subnet for ingress, minimum of a /27 subnet

A routable subnet for egress, minimum of a /27 subnet


Question 3

Which two configurations are part of the VMware Cloud Builder validation process? (Choose two.)



Answer : C, E

See 'Figure 25. Configure Cloud Builder validation' at https://infohub.delltechnologies.com/l/dell-poweredge-mx-deployment-with-vmware-cloud-foundation-deployment-guide/vmware-cloud-builder-configuration-validation https://my-cloudy-world.com/2021/05/28/vmware-cloud-builder-bringup-validation-tasks/


Question 4

A VMware Cloud Foundation administrator has been tasked with replacing self-signed certificates with those signed by a third-party Certificate Authority. A security policy disallows the integration and use of Microsoft Active Directory Certificate Sen/ices and prefers an external provider.

Which two steps must be taken in order to configure these certificates? (Choose two.)



Answer : A, C

A) Generate Certificate Signing Requests from SDDC Manager - In order to replace the self-signed certificates with third-party signed certificates, the Certificate Signing Requests (CSRs) need to be generated. This can be done from the SDDC Manager UI.

C) Create and package the certificates in a domain_name.tar.gz file - After the CSRs are generated, they can be used to obtain third-party signed certificates from a certificate authority. Once the certificates are obtained, they need to be packaged in a domain_name.tar.gz file and uploaded to SDDC Manager.

Generate Certificate Signing Requests (CSRs) from SDDC Manager for each component that requires a certificate1.You can do this from the SDDC Manager UI or using an API call1.

Have the CSRs signed by a third-party Certificate Authority of your choice1. You can use any external provider that meets your security policy requirements.

Create and package the certificates in a domain_name.tar.gz file according to the naming convention and folder structure specified by SDDC Manager1. You can use any compression tool that supports gzip format.

Upload and install the certificates using SDDC Manager UI or API1. You can also verify and troubleshoot the certificate installation using SDDC Manager.

https://docs.vmware.com/en/VMware-Cloud-Foundation/4.5/vcf-admin/GUID-80431626-B9CD-4F21-B681-A8F5024D2375.html


Question 5

Which two configurations are validated during the VMware Cloud Foundation bring-up process? (Choose two.)



Answer : A, B

According to the VMware Cloud Foundation documentation1, the following audit tasks are performed and validation results are displayed on the UI:

JSON specifications validation: Validates the completeness and correctness of the specifications of JSON.

Well-Formed JSON File: Validates JSON correctness, syntax, null values, and missing fields or components.

Password validation: Validates specified passwords. Checks for minimum length, invalid characters, and format.

ESXi host version validation: Validates ESXi version installed on the hosts and compares against the VCF-EMS manifest located in /opt/evosddc/bundle/scripts/manifest.json on the Cloud Foundation Builder VM.

Cloud Builder Readiness: Validates whether the requirements to run the Cloud Foundation Builder VM are met.

License key format: Validates format, validity, and expiry for ESX, vSAN, vCenter Server, NSX, and Log Insight license keys.

ESXi Host Readiness

Network configuration: Validates CIDR to IP address validity, IP addresses in use, gateways, invalid or missing VLANs, invalid or missing MTU, and network spec availability for all components.

Time Synchronization: Validates the time on the components is synchronized with the NTP server in the SDDC Manager.

Network Connectivity: Validates network connectivity between hosts and between hosts and other components.

Stretched Cluster validation is not a configuration that is validated during the VMware Cloud Foundation bring-up process, because it is an optional feature that can be enabled after the bring-up process is completed2

Cloud Builder Log Configuration validation is not a valid option, because there is no such configuration in the VMware Cloud Foundation bring-up process.The Cloud Builder VM generates logs that can be downloaded for troubleshooting purposes, but they are not validated during the bring-up process3

NSX Edge validation is not a configuration that is validated during the VMware Cloud Foundation bring-up process, because NSX Edge nodes are not deployed during the bring-up process. They are deployed when creating a VI workload domain or enabling Application Virtual Networks (AVNs).


Question 6

A systems administrator wants to integrate Microsoft Certificate Authority with SDDC Manager and has already established a connection between the components.

Which pre-requisite step is required for this integration to work?



Answer : D

This is because according to VMware documentation6, when integrating Microsoft Certificate Authority with SDDC Manager, you need to configure basic authentication on the Microsoft Certificate Authority Server and provide valid credentials when establishing a connection from SDDC Manager.


Question 7

What is a valid procedure to replace an expired vSAN license in a VMware Cloud Foundation environment?

A.

1 Add a new vSAN license to the SDDC Manager and vCenter Server.

2. Reassign the vSAN license to the cluster in the vCenter Server.

3. Remove the expired vSAN license from the SDDC Manager and vCenter Server.

B.

1 Add a new vSAN license to the SDDC Manager.

2. Connect to SDDC Manager via SSH, and then restart Domain Manager using systemctl restart domainmanager. 3 Verify in the SDDC Manager whether a new vSAN license has been assigned to the cluster.

C.

1 Add a new vSAN license to the vCenter Server.

2. Connect to SDDC Manager via SSH, and then restart Lifecycle Management using systemctl restart Icm.

3. Verify in the vCenter Server whether a new vSAN license has been assigned to the cluster.

D.

1 Add a new vSAN license to the SDDC Manager.

2. Reassign the vSAN license to the cluster in the SDDC Manager.

3. Remove the expired vSAN license from the SDDC Manager



Answer : A

a valid procedure to replace an expired vSAN license in a VMware Cloud Foundation environment isOption


Page:    1 / 14   
Total 117 questions