An administrator is tasked with allowing a single user the ability to take snapshots on a virtual machine. When looking in vCenter, the administrator can see that there are already users and groups assigned permissions on the virtual machine as follows:
•The group VMJJsers has the Virtual Machine Power User role.
•The group VM_Viewers has the Read Only role.
The administrator confirms that the user requesting the additional access is currently one of five members of the VM_Viewers group
Which two steps should the administrator take to grant this user the additional access required without impacting the user access of others? (Choose two.)

1. A. Add the user to the VM_Users group and leave the permissions on the virtual machine object unchanged
2. B. Add a new permission on the virtual machine object selecting the user and the new custom role.
3. C. Edit the Read Only role to add the Virtual Machine Snapshot Management privileges.
4. D. Create a new custom role with the Virtual Machine Snapshot Management privileges.
5. E. new permission on the virtual machine object selecting the VM_Viewers group and the new custom

Correct Answer: BD
The administrator should create a new custom role with the Virtual Machine Snapshot Management privileges, which allows the user to create, delete and revert snapshots. The administrator should then add a new permission on the virtual machine object selecting the user and the new custom role, which grants the user the additional access required without affecting other users or groups. References: https://docs.vmware.com/en/VMware-vSphere/8.0/com.vmware.vsphere.security.doc/GUID-93B962A7-93FA-4

An administrator is working with VMware Support and Is asked to provide log bundles for the ESXI hosts in an environment. Which three options Joes the administrator have? (Choose three.)

1. A. Generate a combined log bundle for all ESXI hosts using the vCenter Management Interface.
2. B. Generate a separate log bundle for each ESXI host using the vSphere Host Client.
3. C. Generate a combined log bundle for all ESXI hosts using the vSphere Client.
4. D. Generate a separate log bundle for each ESXI host using the vSphere Client.
5. E. Generate a separate log bundle for each ESXI host using the vCenter Management Interface.
6. F. Generate a combined log bundle for all ESXi hosts using the vSphere Host Client.

Correct Answer: BCD
Option B, C and D are correct because they are valid methods to generate log bundles for individual or
multiple ESXi hosts using different interfaces. Option A and E are incorrect because they are not possible options to generate log bundles for all ESXi hosts using the vCenter Management Interface. Option F is incorrect because it is not possible to generate a combined log bundle for all ESXi hosts using the vSphere Host Client. References:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.troubleshooting.doc/GUID-9A94C3D1

An administrator is tasked with configuring certificates for a VMware software-defined data center (SDDC) based on the following requirements:
• All certificates should use certificates trusted by the Enterprise Certificate Authority (CA).
• The solution should minimize the ongoing management overhead of replacing certificates.
Which three actions should the administrator take to ensure that the solution meets corporate policy? (Choose three.)

1. A. Replace the VMware Certificate Authority (VMCA) certificate with a self-signed certificate generated from the
2. B. Replace the machine SSL certificates with custom certificates generated from the Enterprise CA.
3. C. Replace the machine SSL certificates with trusted certificates generated from the VMware Certificate Authority (VMCA).
4. D. Replace the VMware Certificate Authority (VMCA) certificate with a custom certificate generated from the Enterprise CA.
5. E. Replace the solution user certificates wife custom certificates generated from the Enterprise CA.
6. F. Replace the solution user certificates with trusted certificates generated from the VMware Certificate Authority (VMCA).

Correct Answer: BDE
Option B, D and E are correct because they allow the administrator to replace the machine SSL certificates, the VMware Certificate Authority (VMCA) certificate and the solution user certificates with custom certificates generated from the Enterprise CA, which will ensure that all certificates are trusted by the Enterprise CA and minimize the ongoing management overhead of replacing certificates. Option A is incorrect because replacing the VMCA certificate with a self-signed certificate generated from the VMCA will not ensure that the certificate is trusted by the Enterprise CA. Option C is incorrect because replacing the machine SSL certificates with trusted certificates generated from the VMCA will not ensure that the certificates are trusted by the Enterprise CA. Option F is incorrect because replacing the solution user certificates with trusted certificates generated from the VMCA will not ensure that the certificates are trusted by the Enterprise CA. References:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-A2A4371A-B888