Broadcom-VMware
2V0-622 · Question #18
2V0-622 Question #18: Real Exam Question with Answer & Explanation
The correct answer is B: Set a complex password for the root account and limit its use.. Sharing a root account across multiple ESXi hosts is a security risk best mitigated by enforcing a strong password with minimal use and replacing shared root usage with individual AD-authenticated administrator accounts.
Section 1 – Configure and Administer vSphere 6.5 Security
Question
A common root user account has been configured for a group of ESXi 6.x hosts. Which two steps should be taken to mitigate security risks associated with this configuration? (Choose two.)
Options
- ARemove the root user account from the ESXi host.
- BSet a complex password for the root account and limit its use.
- CUse ESXi Active Directory capabilities to assign users the administrator role.
- DUse Lockdown mode to restrict root account access.
Explanation
Sharing a root account across multiple ESXi hosts is a security risk best mitigated by enforcing a strong password with minimal use and replacing shared root usage with individual AD-authenticated administrator accounts.
Common mistakes.
- A. The root account is a built-in system account on ESXi and cannot be removed; VMware does not support deleting the root user from a host.
- D. Lockdown Mode restricts all direct host access broadly rather than specifically limiting root account usage, and enabling it could block legitimate administrative workflows without addressing the shared-credential root cause.
Concept tested. ESXi root account security hardening and AD integration
Topics
#root account security#Active Directory#ESXi hardening#lockdown mode
Community Discussion
No community discussion yet for this question.