nerdexam
Broadcom-VMware

2V0-622 · Question #13

Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)

The correct answer is A. CIM Server C. Direct Console UI D. Syslog Server. The ESXi Security Profile exposes a set of host services that administrators can enable or disable; CIM Server, Direct Console UI, and Syslog Server are three such configurable services.

Section 1 – Configure and Administer vSphere 6.5 Security

Question

Which three services can be enabled/disabled in the Security Profile for an ESXi host? (Choose three.)

Options

  • ACIM Server
  • BSingle Sign-On
  • CDirect Console UI
  • DSyslog Server
  • EvSphere Web Access

How the community answered

(20 responses)
  • A
    90% (18)
  • B
    5% (1)
  • E
    5% (1)

Why each option

The ESXi Security Profile exposes a set of host services that administrators can enable or disable; CIM Server, Direct Console UI, and Syslog Server are three such configurable services.

ACIM ServerCorrect

CIM Server (Common Information Model) is a service listed in the ESXi Security Profile that provides hardware monitoring and management interfaces to third-party tools. It can be enabled or disabled to control external hardware monitoring access on the host.

BSingle Sign-On

Single Sign-On (SSO) is a vCenter Server Platform Services Controller authentication service and is not managed as a service within an individual ESXi host's Security Profile.

CDirect Console UICorrect

Direct Console UI is the local text-based console interface on an ESXi host and is a configurable service within the Security Profile. Disabling it restricts local console access, which is a common host hardening practice.

DSyslog ServerCorrect

Syslog Server is a service in the ESXi Security Profile that controls the forwarding of host logs to a remote syslog collector. It can be enabled or disabled and configured with a target log server address.

EvSphere Web Access

vSphere Web Access was a legacy browser-based management interface for ESXi that has been deprecated and removed in modern vSphere versions and does not appear as a configurable service in the ESXi Security Profile.

Concept tested: ESXi Security Profile host service management

Source: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-4240B6D2-0EDB-4AC2-8B39-B51011C9F5EB.html

Topics

#ESXi security profile#host services#CIM server#syslog

Community Discussion

No community discussion yet for this question.

Full 2V0-622 Practice